Cisco 2960-24LT-L - Catalyst Switch Fiche technique - Page 9

Parcourez en ligne ou téléchargez le pdf Fiche technique pour {nom_de_la_catégorie} Cisco 2960-24LT-L - Catalyst Switch. Cisco 2960-24LT-L - Catalyst Switch 28 pages. Switching portfolio
Également pour Cisco 2960-24LT-L - Catalyst Switch : Fiche technique (11 pages), Fiche technique (21 pages), Brochure & Specs (10 pages), Description (1 pages)

Cisco 2960-24LT-L - Catalyst Switch Fiche technique
IP Source Guard prevents a malicious user from spoofing or taking over another user's IP address by
creating a binding table between the client's IP and MAC address, port, and VLAN.
Cisco TrustSec
TrustSec secures access to the network, enforces security policies, and delivers standard based security solutions
such as 802.1X enabling secure collaboration and policy compliance. TrustSec capabilities reflect Cisco thought
leadership, innovations, and commitment to customer success. These new capabilities include:
Flexible Authentication that supports multiple authentication mechanisms including 802.1X, MAC
Authentication Bypass and web authentication using a single, consistent configuration
Open Mode that creates a user friendly environment for 802.1X operations
Integration of Device Profiling Technology and Guest Access handling with Cisco switching to
significantly improve security while reducing deployment and operational challenges
RADIUS Change of Authorization and Downloadable Calls for comprehensive policy management
capabilities
802.1X Supplicant with Network Edge Access Transport (NEAT) enables extended secure access where
compact switches in the conference rooms have the same level of security as switches inside the locked
wiring closet
Other Advanced Security Features
Other Advanced Security features include but are not limited to:
Private VLAN Edge provides security and isolation between switch ports, which helps ensure that users
cannot snoop on other users' traffic.
Multidomain Authentication allows an IP phone and a PC to authenticate on the same switch port while
placing them on appropriate voice and data VLAN.
Port-Based ACLs for Layer 2 interfaces allow security policies to be applied on individual switch ports.
Secure Shell (SSH) Protocol, Kerberos, and Simple Network Management Protocol Version 3
(SNMPv3) provide network security by encrypting administrator traffic during Telnet and SNMP sessions.
SSH Protocol, Kerberos, and the cryptographic version of SNMPv3 require a special cryptographic software
image because of U.S. export restrictions.
Bidirectional data support on the Switched Port Analyzer (SPAN) port allows Cisco Intrusion Detection
System (IDS) to take action when an intruder is detected.
TACACS+ and RADIUS Authentication facilitates centralized control of the switch and restricts
unauthorized users from altering the configuration.
MAC Address Notification allows administrators to be notified of users added to or removed from the
network.
Multilevel Security on Console Access prevents unauthorized users from altering the switch configuration.
Bridge Protocol Data Unit (BPDU) Guard shuts down Spanning Tree PortFast-enabled interfaces when
BPDUs are received to avoid accidental topology loops.
Spanning Tree Root Guard (STRG) prevents edge devices not in the network administrator's control from
becoming Spanning Tree Protocol root nodes.
IGMP Filtering provides multicast authentication by filtering out nonsubscribers and limits the number of
concurrent multicast streams available per port.
© 2010 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Data Sheet
Page 9 of 28