2022年思科配置手册归类 .pdf

《2022年思科配置手册归类 .pdf》由会员分享，可在线阅读，更多相关《2022年思科配置手册归类 .pdf（14页珍藏版）》请在taowenge.com淘文阁网|工程机械CAD图纸|机械工程制图|CAD装配图下载|SolidWorks_CaTia_CAD_UG_PROE_设计图分享下载上搜索。

1、Data Sheet All contents are Copyright ? 19922007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 1 of 14 Cisco Catalyst 2960 Series Switches Cisco? Catalyst? 2960 Series Intelligent Ethernet Switches are a family of fixed-configuration, standalone devices tha

2、t provide desktop Fast Ethernet and Gigabit Ethernet connectivity, enabling enhanced LAN services for entry-level enterprise, mid-market, and branch office networks. The Catalyst 2960 Series offers integrated security, including network admission control (NAC), advanced quality of service (QoS), and

3、 resiliency to deliver intelligent services for the network edge. The Cisco Catalyst 2960 Series offers: Intelligent features at the network edge, such as sophisticated access control lists (ACLs) and enhanced security Dual-purpose uplinks for Gigabit Ethernet uplink flexibility, allowing use of eit

4、her a copper or a fiber uplink-each dual-purpose uplink port has one 10/100/1000 Ethernet port and one Small Form-Factor Pluggable (SFP)-based Gigabit Ethernet port, with one port active at a time Network control and bandwidth optimization using advanced QoS, granular rate limiting, ACLs, and multic

5、ast services Network security through a wide range of authentication methods, data encryption technologies, and network admission control based on users, ports, and MAC addresses Easy network configuration, upgrades, and troubleshooting using Cisco Network Assistant software Auto-configuration for s

6、pecialized applications using Smartports Limited Lifetime Hardware Warranty Figure 1. Cisco Catalyst 2960 Series Switches 名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 1 页，共 14 页 - - - - - - - - - Data Sheet All contents are Copyright ? 19922007 Cisco Systems, Inc.

7、All rights reserved. This document is Cisco Public Information. Page 2 of 14 Configurations The Cisco Catalyst 2960 Series comprises the following switches (Figure 1): Cisco Catalyst 2960-8TC: 8 Ethernet 10/100 ports and 1 dual-purpose uplink port; compact size Cisco Catalyst 2960-24TT: 24 Ethernet

8、10/100 ports and 2 fixed Ethernet 10/100/1000 uplink ports; 1 rack unit (RU) Cisco Catalyst 2960-48TT: 48 Ethernet 10/100 ports and 2 fixed Ethernet 10/100/1000 uplink ports; 1 RU Cisco Catalyst 2960-24TC: 24 Ethernet 10/100 ports and 2 dual-purpose uplink ports; 1 RU Cisco Catalyst 2960-48TC: 48 Et

9、hernet 10/100 ports and 2 dual-purpose uplink ports; 1 RU Cisco Catalyst 2960G-8TC: 8 Ethernet 10/100/1000 ports, 1 of which is dual-purpose; compact size Cisco Catalyst 2960G-24TC: 24 Ethernet 10/100/1000 ports, 4 of which are dual-purpose; 1 RU Cisco Catalyst 2960G-48TC: 48 Ethernet 10/100/1000 po

10、rts, 4 of which are dual-purpose; 1 RU The Cisco Catalyst 2960 Series software image is a rich suite of intelligent services, including advanced QoS, rate limiting, ACLs, and IPv6 (future). The SFP-based Gigabit Ethernet ports accommodate a range of SFP transceivers, including the Cisco 1000BASE-SX,

11、 1000BASE-LX, 1000BASE-BX, 1000BASE-ZX, 100BASE-FX, 100BASE-LX, 100BASE-BX, and coarse wavelength-division multiplexing (CWDM) SFP transceivers. Gigabit Ethernet At speeds of 1000 Mbps, Gigabit Ethernet provides the bandwidth to meet new and evolving network demands, alleviate bottlenecks, and boost

12、 performance while increasing the return on existing infrastructure investments. Todays workers are placing higher demands on networks, running multiple concurrent applications. For example, a worker joins a team conference call through an IP videoconference, sends a 10-MB spreadsheet to meeting par

13、ticipants, broadcasts the latest marketing video for the team to evaluate, and queries the customer relationship management (CRM) database for the latest real-time feedback. Meanwhile, a multigigabyte system backup starts in the background and the latest virus updates are delivered to the client. In

14、telligence in the Network Networks of today are evolving to address four new developments at the network edge: Increase in desktop computing power Introduction of bandwidth-intensive applications Expansion of highly sensitive data on the network Presence of multiple device types, such as IP phones,

15、WLAN access points, and IP video cameras These new demands contend for resources with existing mission-critical applications. As a result, IT professionals must view the edge of the network as critical to effectively manage the delivery of information and applications. 名师资料总结 - - -精品资料欢迎下载 - - - - -

16、 - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 2 页，共 14 页 - - - - - - - - - Data Sheet All contents are Copyright ? 19922007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 3 of 14 As companies increasingly rely on networks as their strategic business infr

17、astructure, it is more important than ever to ensure their high availability, security, scalability, and control. By adding Cisco intelligent functions for LAN access, you can now deploy networkwide intelligent services that consistently address these requirements from the desktop to the core and th

18、rough the WAN. With Cisco Catalyst Intelligent Ethernet switches, Cisco helps companies realize the full benefits of adding intelligent services into their networks. Deploying capabilities that make the network infrastructure highly available to accommodate time-critical needs, scalable to accommoda

19、te growth, secure enough to protect confidential information, and capable of differentiating and controlling traffic flows is critical to further optimizing network operations. Enhanced Security The wide range of security features that the Cisco Catalyst 2960 Series offers helps businesses protect i

20、mportant information, keep unauthorized people off the network, guard privacy, and maintain uninterrupted operation. The Cisco Identity Based Networking Services (IBNS) solution provides authentication, access control, and security policy administration to secure network connectivity and resources.

21、Cisco IBNS in the Cisco Catalyst 2960 Series prevents unauthorized access and helps ensure that users get only their designated privileges. It provides the ability to dynamically administer granular levels of network access. Using the 802.1x standard and the Cisco Secure Access Control Server (ACS),

22、 users can be assigned a VLAN upon authentication, regardless of where they connect to the network. This setup allows IT departments to enable strong security policies without compromising user mobility, and with minimal administrative overhead. To guard against denial-of-service (DoS) and other att

23、acks, ACLs can be used to restrict access to sensitive portions of the network by denying packets based on source and destination MAC addresses, IP addresses, or TCP/User Datagram Protocol (UDP) ports. ACL lookups are done in hardware, so forwarding performance is not compromised when implementing A

24、CL-based security. Port security can be used to limit access on an Ethernet port based on the MAC address of the device to which it is connected. It also can be used to limit the total number of devices plugged into a switch port, thereby protecting the switch from a MAC flooding attack as well as r

25、educing the risks of rogue wireless access points or hubs. With Dynamic Host Configuration Protocol (DHCP) snooping, DHCP spoofing can be thwarted by allowing only DHCP requests (but not responses) from untrusted user-facing ports. Additionally, the DHCP Interface Tracker (Option 82) feature helps e

26、nable granular control over IP address assignment by augmenting a host IP address request with the switch port ID. The MAC Address Notification feature can be used to monitor the network and track users by sending an alert to a management station so that network administrators know when and where us

27、ers entered the network. Secure Shell Protocol Version 2 (SSHv2) and Simple Network Management Protocol Version 3 (SNMPv3) encrypt administrative and network-management information, protecting the network from tampering or eavesdropping. TACACS+ or RADIUS authentication enables centralized access co

28、ntrol of switches and restricts unauthorized users from altering the configurations. Alternatively, a local username and password database can be configured on the switch itself. Fifteen levels of authorization on the switch console and two levels on the Web-based management interface provide the ab

29、ility to give different levels of configuration capabilities to different administrators. 名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 3 页，共 14 页 - - - - - - - - - Data Sheet All contents are Copyright ? 19922007 Cisco Systems, Inc. All rights reserved. This docume

30、nt is Cisco Public Information. Page 4 of 14 Availability and Scalability The Cisco Catalyst 2960 Series is equipped with a large set of features that allow for network scalability and higher availability through multicast filtering as well as a complete suite of Spanning Tree Protocol enhancements

31、aimed to maximize availability in a Layer 2 network. Enhancements to the standard Spanning Tree Protocol, such as Per-VLAN Spanning Tree Plus (PVST+), UplinkFast, and PortFast, help to maximize network uptime. PVST+ allows for Layer 2 load sharing on redundant links to efficiently use the extra capa

32、city inherent in a redundant design. UplinkFast, PortFast, and BackboneFast all greatly reduce the standard 30- to 60-second Spanning Tree Protocol convergence time. Flexlink provides bidirectional, fast convergence in less than 100 milliseconds. The Loopguard and bridge protocol data unit (BPDU) gu

33、ard enhancements provide Spanning Tree Protocol loop avoidance. Advanced QoS The Cisco Catalyst 2960 Series offers superior multilayer QoS features to help ensure that network traffic is classified and prioritized, and that congestion is avoided in the best possible manner. Configuration of QoS is g

34、reatly simplified through automatic QoS (Auto QoS), a feature that detects Cisco IP phones and automatically configures the switch for the appropriate classification and egress queuing. This optimizes traffic prioritization and network availability without the challenge of a complex configuration. T

35、he Cisco Catalyst 2960 Series can classify, reclassify, police, mark, queue, and schedule incoming packets and can queue and schedule packets at egress. Packet classification allows the network elements to discriminate between various traffic flows and enforce policies based on Layer 2 and Layer 3 Q

36、oS fields. To implement QoS, the Cisco Catalyst 2960 Series Switch first identifies traffic flows or packet groups, then classifies or reclassifies these groups using the differentiated services code point (DSCP) field or the 802.1p class of service (CoS) field. Classification and reclassification c

37、an be based on criteria as specific as the source or destination IP address, source or destination MAC address, or the Layer 4 TCP or UDP port. At the ingress, the Catalyst 2960 Series also polices to determine whether a packet is in or out of profile, marks to change the classification label, passe

38、s through or drops out of profile packets, and queues packets based on classification. Control-plane and data-plane ACLs are supported on all ports to help ensure proper treatment on a per-packet basis. The Cisco Catalyst 2960 Series supports four egress queues per port, giving network administrator

39、s more control in assigning priorities for the various applications on the LAN. At egress, the switch performs congestion control and scheduling, the algorithm or process that determines the order in which queues are processed. The Catalyst 2960 Series Switch supports Shaped Round Robin (SRR) and st

40、rict priority queuing. The SRR algorithm helps ensure differential prioritization. These QoS features allow network administrators to prioritize mission-critical and bandwidth-intensive traffic, such as enterprise resource planning (ERP), voice (IP telephony traffic), and computer-aided design and m

41、anufacturing (CAD/CAM), over applications such as FTP or e-mail. For example, it would be undesirable to have a large file download destined to one port on a switch increase latency in voice traffic destined to another port on this switch. This condition is avoided by ensuring that voice traffic is

42、properly classified and prioritized throughout the network. Other applications, such as Web browsing, can be handled on a lower-priority basis. 名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 4 页，共 14 页 - - - - - - - - - Data Sheet All contents are Copyright ? 1992200

43、7 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 5 of 14 The Cisco Catalyst 2960 Series can perform rate limiting through its support of the Cisco committed information rate (CIR) function. Through CIR, bandwidth can be guaranteed in increments as small as 1

44、 Mbps. Bandwidth can be allocated based on several criteria, including MAC source address, MAC destination address, IP source address, IP destination address, and TCP or UDP port number. Bandwidth allocation is essential when network environments require service-level agreements or when it is necess

45、ary to control the bandwidth given to certain users. Management The new Express Setup feature simplifies the initial configuration of a switch. Now you can set up the switch through a Web browser, eliminating the need for terminal-emulation programs and the command-line interface (CLI). Express Setu

46、p reduces the cost of deployment by helping less-skilled personnel quickly and easily set up switches. Cisco Network Assistant is a PC-based network-management application optimized for LANs with up to 250 users. Cisco Network Assistant offers centralized management of Cisco switches, routers, and W

47、LAN access points. It supports a wide range of Cisco Catalyst intelligent switches from Cisco Catalyst 2960 through Cisco Catalyst 4506. Through a user-friendly GUI, users can configure and manage a wide array of switch functions and start the device manager of Cisco routers and Cisco wireless acces

48、s points. A few mouse clicks enable the Cisco recommended security, availability, and QoS features without the need to consult a detailed design guide. The Security wizard automatically restricts unauthorized access to servers with sensitive data. Smartports and wizards save time for network adminis

49、trators, reduce human errors, and help ensure that the configuration of the switch is optimized for these applications. Available at no cost, Cisco Network Assistant can be downloaded from the Cisco Website. In addition to Cisco Network Assistant, Cisco Catalyst 2960 Series switches provide for exte

50、nsive management using SNMP network-management platforms such as CiscoWorks LAN Management Solution (LMS). LMS is a suite of powerful management tools that simplify the configuration, administration, monitoring and troubleshooting of Cisco networks. It integrates these capabilities into a world-clas