Access Control (MAC) addresses, IP addresses, or Transmission Control Protocol (TCP)/User Datagram Protocol
(UDP) ports. ACL lookups are done in hardware—forwarding and routing performance is not compromised when
implementing ACL-based security. An additional protection method is to use port security, which ensures the
appropriate user is on the network by limiting access to the port based on MAC addresses.
Q. For security purposes, how can I monitor or track activities in my network?
A. Intrusion detection systems are tailored to monitor and track activities in a network. The Cisco Catalyst 3750
can complement this through features such as MAC address notification, which will send an alert to a management
station so that network administrators know when and where users came on to the network and can take appropriate
actions. The DHCP Interface Tracker (Option 82) feature will track where a user is physically connected on a
network by providing both switch and port ID to a DHCP server.
Q. For security purposes, how do I protect administration passwords and traffic going to the switch during
configuration or troubleshooting?
A. To protect administration traffic during the configuration or troubleshooting of a switch (such as passwords or
device configuration settings), the best approach is to encrypt the data. Both SSH and SNMPv3 provide encryption
of data during Telnet sessions and SNMP sessions.
Network Management
Q. Do the Cisco Catalyst 3750 switches support Cisco Switch Clustering technology?
A. Yes, the Cisco Catalyst 3750 switches can be managed using the Web-based Cisco Cluster Management Suite
(CMS) Software, which uses Cisco Switch Clustering technology. Cisco CMS is Web-based software that is embedded
in Cisco Catalyst 3750, 3550, 2950, 3500 XL, 2900 XL, 2900 LRE XL, and 1900 switches. Through Cisco Switch
Clustering technology, users access Cisco CMS with any standard Web browser to manage up to 16 of these switches
at once, regardless of their geographic proximity with the option of using a single IP address if desired. With the
addition of the Cisco Catalyst 3750 switches, Cisco CMS can now extend beyond routed boundaries for even more
flexibility in managing a Cisco cluster.
Cisco CMS provides an integrated management interface for delivering intelligent services, enabling users to manage
their entire LAN with one robust tool. By bringing the simplicity of traditional LAN switching to intelligent services
such as multilayer switching, QoS, multicast, and security ACLs, Cisco CMS allows administrators to take advantage
of benefits formerly reserved for only the most complex networks. The new Guide Mode in Cisco CMS leads the user
step by step through the configuration of high-end features and provides enhanced online help for context-sensitive
assistance. In addition, a Solution Wizard provides automated configuration of the switch for video streaming or
videoconferencing. Future software will provide Solution Wizards for voice over IP (VoIP), mission-critical
applications, and security.
®
Cisco CMS supports standards-based connectivity options such as Ethernet, Fast Ethernet, Fast EtherChannel
,
Gigabit Ethernet, and Gigabit EtherChannel connectivity. Because Cisco Switch Clustering technology is not limited
by proprietary stacking modules, stacking cables or interconnection media, Cisco CMS expands the traditional
cluster domain beyond a single wiring closet and lets users mix and match interconnections to meet specific
management, performance, and cost requirements.
Cisco Systems, Inc.
All contents are Copyright © 1992–2003 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Page 7 of 10