cisco 3560 datasheet - The Cisco Catalyst 3560 is part of a larger and more scalable family of Cisco Catalyst switches that includes the Cisco Catalyst 3560-E Series switches, the Cisco Catalyst 3750 and 3750-E Series switches with Cisco StackWise technology, and the Cisco Catalyst 4500 and Catalyst 6500 modular switches.
United by Cisco IOS Software, the entire family offers industry-leading availability, integrated security, optimized delivery, and manageability.
As companies increasingly rely on networks as the strategic business infrastructure, it is more important than ever to help ensure their high availability, security, scalability, and control.
By adding Cisco intelligent functions for LAN access, customers can now deploy networkwide intelligent services that consistently address these requirements from the desktop to the core and through the WAN.
With Cisco Catalyst Intelligent Ethernet switches, Cisco Systems helps enable companies to realize the full benefits of adding intelligent services into their networks.
Deployment of capabilities that make the network infrastructure highly available to accommodate time-critical needs, scalable to accommodate growth, secure enough to protect confidential information, and capable of differentiating and controlling traffic flows is critical to further optimizing network operations.
Cisco Identity Based Networking Services (IBNS) provides authentication, access control, and security policy administration to secure network connectivity and resources.
Cisco IBNS in the Cisco Catalyst 3560 Series prevents unauthorized access and helps ensure that users get only their designated privileges.
It provides the ability to dynamically administer granular levels of network access. Using the 802.1x standard and the Cisco Access Control Server (ACS), users can be assigned a VLAN or an ACL upon authentication, regardless of where they connect to the network.
This setup allows IT departments to enable strong security policies without compromising user mobility-and with minimal administrative overhead.
To guard against denial-of-service and other attacks, ACLs can be used to restrict access to sensitive portions of the network by denying packets based on source and destination MAC addresses, IP addresses, or TCP/UDP ports.
ACL lookups are done in hardware, so forwarding performance isnot compromised when implementing ACL-based security.
Port security can be used to limit access on an Ethernet port based on the MAC address of the device to which it is connected.
It also can be used to limit the total number of devices plugged into a switch port, thereby protecting the switch from a MAC flooding attack as well as reducing the risks of rogue wireless access points or hubs.
With Dynamic Host Configuration Protocol (DHCP) snooping, DHCP spoofing can be thwarted by allowing only DHCP requests (but not responses) from untrusted user-facing ports.
Additionally, the DHCP Interface Tracker (Option 82) helps enable granular control over IP address assignment by augmenting a host IP address request with the switch port ID.
Building further on the DHCP snooping capabilities, IP address spoofing can be thwarted using Dynamic ARP Inspection and IP Source Guard.
The MAC Address Notification feature can be used to monitor the network and track users by sending an alert to a management station so that network administrators know when and where users entered the network.
The Private VLAN feature isolates ports on a switch, helping ensure that traffic travels directly from the entry point to the aggregation device through a virtual path and cannot be directed to another port.
Secure Shell (SSH) Protocol Version 2, Kerberos, and Simple Network Management Protocol Version 3 (SNMPv3) encrypt administrative and network-management information, protecting the network from tampering or eavesdropping.
TACACS+ or RADIUS authentication enables centralized access control of switches and restricts unauthorized users from altering the configurations.
Alternatively, a local username and password database can be configured on the switch itself. Fifteen levels of authorization on the switch console and two levels on the Web-based management interface provide the ability to give different levels of configuration capabilities to different administrators.
Download CISCO Catalyst 3560 Datasheet (PDF) here.
United by Cisco IOS Software, the entire family offers industry-leading availability, integrated security, optimized delivery, and manageability.
Cisco Catalyst 3560: Intelligence in the Network
Networks of today are evolving to address four new developments at the network edge:- Increase in desktop computing power
- Introduction of bandwidth-intensive applications
- Expansion of highly sensitive data on the network
- Presence of multiple device types, such as IP phones, WLAN access points, and IP video cameras.
As companies increasingly rely on networks as the strategic business infrastructure, it is more important than ever to help ensure their high availability, security, scalability, and control.
By adding Cisco intelligent functions for LAN access, customers can now deploy networkwide intelligent services that consistently address these requirements from the desktop to the core and through the WAN.
With Cisco Catalyst Intelligent Ethernet switches, Cisco Systems helps enable companies to realize the full benefits of adding intelligent services into their networks.
Deployment of capabilities that make the network infrastructure highly available to accommodate time-critical needs, scalable to accommodate growth, secure enough to protect confidential information, and capable of differentiating and controlling traffic flows is critical to further optimizing network operations.
Cisco Catalyst 3560: Enhanced Security
With the wide range of security features that the Cisco Catalyst 3560 Series offers, businesses can protect important information, keep unauthorized people off the network, guard privacy, and maintain uninterrupted operation.Cisco Identity Based Networking Services (IBNS) provides authentication, access control, and security policy administration to secure network connectivity and resources.
Cisco IBNS in the Cisco Catalyst 3560 Series prevents unauthorized access and helps ensure that users get only their designated privileges.
It provides the ability to dynamically administer granular levels of network access. Using the 802.1x standard and the Cisco Access Control Server (ACS), users can be assigned a VLAN or an ACL upon authentication, regardless of where they connect to the network.
This setup allows IT departments to enable strong security policies without compromising user mobility-and with minimal administrative overhead.
To guard against denial-of-service and other attacks, ACLs can be used to restrict access to sensitive portions of the network by denying packets based on source and destination MAC addresses, IP addresses, or TCP/UDP ports.
ACL lookups are done in hardware, so forwarding performance isnot compromised when implementing ACL-based security.
Port security can be used to limit access on an Ethernet port based on the MAC address of the device to which it is connected.
It also can be used to limit the total number of devices plugged into a switch port, thereby protecting the switch from a MAC flooding attack as well as reducing the risks of rogue wireless access points or hubs.
With Dynamic Host Configuration Protocol (DHCP) snooping, DHCP spoofing can be thwarted by allowing only DHCP requests (but not responses) from untrusted user-facing ports.
Additionally, the DHCP Interface Tracker (Option 82) helps enable granular control over IP address assignment by augmenting a host IP address request with the switch port ID.
Building further on the DHCP snooping capabilities, IP address spoofing can be thwarted using Dynamic ARP Inspection and IP Source Guard.
The MAC Address Notification feature can be used to monitor the network and track users by sending an alert to a management station so that network administrators know when and where users entered the network.
The Private VLAN feature isolates ports on a switch, helping ensure that traffic travels directly from the entry point to the aggregation device through a virtual path and cannot be directed to another port.
Secure Shell (SSH) Protocol Version 2, Kerberos, and Simple Network Management Protocol Version 3 (SNMPv3) encrypt administrative and network-management information, protecting the network from tampering or eavesdropping.
TACACS+ or RADIUS authentication enables centralized access control of switches and restricts unauthorized users from altering the configurations.
Alternatively, a local username and password database can be configured on the switch itself. Fifteen levels of authorization on the switch console and two levels on the Web-based management interface provide the ability to give different levels of configuration capabilities to different administrators.
How to Configure VLANs in Cisco Switch 3560
Download CISCO Catalyst 3560 Datasheet (PDF) here.
Comments
Post a Comment