The Cisco Catalyst 2960 48 Port 2 Dual-Purpose Ports Switch with LAN Base Image is your answer to a cost effective fixed-configuration access switch designed for enterprise, midmarket and branch office networks. The switch is the leading Layer 2 edge, giving you a secured, sustainable, easy and a borderless network experience.
The Cisco Catalyst 2960 is part of the new line of fixed-configuration standalone device that provides desktop fast Ethernet and Gigabit Ethernet connectivity for entry-level enterprise, mid-market and branch office networks to enable enhanced LAN services.
The Cisco Catalyst 2960 helps network managers by giving the option of configurations featuring dual-purpose (alternatively wired) uplinks for Gigabit Ethernet. With this hardware enhancement, the switch allows the network manager to use either a copper or a fiber uplink.
- 48 Ports of Fast Ethernet Desktop Connectivity
- Dual-purpose uplinks for Gigabit Ethernet uplink flexibility, allowing use of either a copper or fiber uplink; each dual-purpose uplink port has one 10/100/1000 Ethernet port and one SFP-based Gigabit Ethernet port, with one port active at a time. A wide range of software features is present to provide ease of operation, highly secure business operations, sustainability and a borderless networking experience.
- Borderless Networks
Cisco Catalyst 2960 Series Switch consists of 'Borderless Networks', a Cisco architecture, that delivers the new workspace experience, connecting anyone, anywhere, using any device, to any resource securely, reliably and transparently. Cisco's Borderless Networks architecture addresses primary IT and business challenges to help create a truly borderless experience by bringing interactions closer to the employee and customer.
Borderless experience is only possible with intelligent network elements designed and architected to meet the needs of a global workspace. Cisco Network Access is a primary component of this architecture, enabling various borderless network services such as mobility, security, sustainability, EnergyWise and ease of operations for increased productivity and operational efficiency. When network access is intelligent, it knows the identity of the user, as well as where the user is on the network. It knows what is connecting to the network, to automatically provision the network for QoS and delivery. It becomes services-aware to optimize user experience. Only with intelligent access network, your enterprise can go borderless securely and transparently. Your business can save energy, simplify operations with better business efficiency and have an optimized total cost of ownership.
- Cisco Catalyst switching solutions enable greener practices through measurable power efficiency, integrated services and continuous innovations such as Cisco EnergyWise, an enterprise wide solution that monitors and conserves energy with customized policies. Together, Cisco EnergyWise technology and Cisco Catalyst switches reduce greenhouse gas (GhG) emissions and increase energy cost savings and sustainable business behavior.
- Cisco EnergyWise Technology
Cisco EnergyWise is an innovative architecture, added to fixed configuration switches, promoting companywide sustainability by reducing energy consumption across an entire corporate infrastructure and affecting more than 50 percent of global greenhouse gas emissions created by worldwide building infrastructure, a much greater effect than the 2 percent generated by the IT industry. Cisco EnergyWise enables companies to measure the power consumption of network infrastructure and network-attached devices and manage power consumption with specific policies, reducing power consumption to realize increased cost savings, potentially affecting any powered device.
EnergyWise encompasses a highly intelligent network-based approach to communicate messages that measure and control energy between network devices and endpoints. The network discovers Cisco EnergyWise-manageable devices, monitors their power consumption and takes action based on business rules to reduce power consumption. EnergyWise uses a unique domain-naming system to query and summarize information from large sets of devices, making it simpler than traditional network management capabilities. Cisco EnergyWise's management interfaces allow facilities and network management applications to communicate with endpoints and each other using the network as a unifying fabric. The management interface uses standard SNMP or TCP to integrate Cisco and third-party management systems.
- Efficient Switch Operation
- Cisco Catalyst 2960 Series Switch provides optimum power savings, low power operations for industry best-in-class power management and power consumption capabilities.
- Cisco Catalyst Smart Operations
Cisco Catalyst Smart Operations is a comprehensive set of capabilities that simplify LAN deployment, configuration and troubleshooting. Cisco Catalyst Smart Operations enable zero touch installation and replacement of switches, fast upgrade, as well as ease of troubleshooting with reduced operational cost. Cisco Catalyst Smart Operations is a set of features that includes Smart Install, Auto Smartports, Smart Configuration and Smart Troubleshooting to enhance operational excellence:
• Cisco Smart Install is a transparent plug-and-play technology to configure the Cisco IOS Software image and switch configuration without user intervention. Smart Install utilizes dynamic IP address allocation and the assistance of other switches to facilitate installation providing transparent network plug and play.
• Cisco Auto Smartports provide automatic configuration as devices connect to the switch port, allowing auto detection and plug and play of the device onto the network.
• Cisco Smart Configuration provides a single point of management for a group of switches and in addition adds the ability archive and backup configuration files to a file server or switch allowing seamless zero touch switch replacement.
• Cisco Smart Troubleshooting is an extensive array of debug diagnostic commands and system health checks within the switch, including Generic Online Diagnostics (GOLD) and Onboard Failure Logging (OBFL).
- Easy to Use Deployment and Control Features
• Automatic QoS (AutoQoS) simplifies QoS configuration in voice over IP (VoIP) networks by issuing interface and global switch commands to detect Cisco IP phones, classify traffic and help enable egress queue configuration.
• Stacking Master configuration management and Cisco FlexStack stacking helps ensure that all switches are automatically upgraded when the master switch receives a new software version. Automatic software version checking and updating help ensure that all stack members have the same software version.
• Dynamic Host Configuration Protocol (DHCP) auto configuration of multiple switches through a boot server eases switch deployment.
• Auto-negotiation on all ports automatically selects half- or full-duplex transmission mode to optimize bandwidth.
• Dynamic Trunking Protocol (DTP) facilitates dynamic trunk configuration across all switch ports.
• Port Aggregation Protocol (PAgP) automates the creation of Cisco Fast EtherChannel groups or Gigabit EtherChannel groups to link to another switch, router, or server.
• Link Aggregation Control Protocol (LACP) allows the creation of Ethernet channeling with devices that conform to IEEE 802.3ad. This feature is similar to Cisco EtherChannel technology and PAgP.
• Automatic media-dependent interface crossover (MDIX) automatically adjusts transmit and receive pairs if an incorrect cable type (crossover or straight-through) is installed.
• Unidirectional Link Detection Protocol (UDLD) and Aggressive UDLD allow unidirectional links caused by incorrect fiber-optic wiring or port faults to be detected and disabled on fiber-optic interfaces.
• Switching Database Manager (SDM) templates for access, routing and VLAN deployment allow the administrator to easily maximize memory allocation to the desired features based on deployment-specific requirements.
• Local Proxy Address Resolution Protocol (ARP) works in conjunction with Private VLAN Edge to minimize broadcasts and maximize available bandwidth.
• Internet Group Management Protocol (IGMP) Snooping for IPv4 and IPv6 MLD v1 and v2 Snooping provide fast client joins and leaves of multicast streams and limit bandwidth-intensive video traffic to only the requestors.
• Multicast VLAN Registration (MVR) continuously sends multicast streams in a multicast VLAN while isolating the streams from subscriber VLANs for bandwidth and security reasons.
• Per-port broadcast, multicast and unicast storm control prevents faulty end stations from degrading overall systems performance.
• Voice VLAN simplifies telephony installations by keeping voice traffic on a separate VLAN for easier administration and troubleshooting.
• Cisco VLAN Trunking Protocol (VTP) supports dynamic VLANs and dynamic trunk configuration across all switches.
• Remote Switch Port Analyzer (RSPAN) allows administrators to remotely monitor ports in a Layer 2 switch network from any other switch in the same network.
• For enhanced traffic management, monitoring and analysis, the Embedded Remote Monitoring (RMON) software agent supports four RMON groups (history, statistics, alarms and events).
• Layer 2 traceroute eases troubleshooting by identifying the physical path that a packet takes from source to destination.
• Trivial File Transfer Protocol (TFTP) reduces the cost of administering software upgrades by downloading from a centralized location.
• Network Timing Protocol (NTP) provides an accurate and consistent timestamp to all intranet switches.
- Advanced, Intelligent Network Management Tools
- The Cisco Catalyst 2960 Series Switch offers both a superior CLI for detailed configuration and Cisco Network Assistant software, a PC-based tool for quick configuration based on preset templates. In addition, CiscoWorks LAN Management Solution (LMS) supports the Cisco Catalyst 2960 Series Switches for network-wide management.
- Cisco Network Assistant
A PC-based network management application designed for small and medium-sized business (SMB) networks with up to 250 users, Cisco Network Assistant offers centralized network management and configuration capabilities. Cisco Network Assistant uses Cisco Smartports technology to simplify both initial deployment and ongoing maintenance. This application also features an intuitive GUI where users can easily apply common services across Cisco switches, routers and access points, such as:
• Configuration management
• Troubleshooting advice
• Inventory reports
• Event notification
• Network security settings
• Password synchronization
• Drag-and-drop Cisco IOS Software upgrades
• Secure wireless
- CiscoWorks LAN Management Solution
CiscoWorks LAN Management Solution (LMS) is a comprehensive network lifecycle management solution. It provides an extensive library of easy-to-use features to automate the initial and day-to-day management of your Cisco network infrastructure. CiscoWorks LMS uniquely uses Cisco hardware and software platform knowledge and operational experience into a powerful set of workflow-driven configuration, monitoring, troubleshooting, reporting and administrative tools. Including:
• Support for new Cisco hardware platforms the day they ship.
• Support for new technologies and services from initial deployment to day-to-day administration and management, such as EnergyWise, Identity, Cisco Auto Smartports, Cisco Smart Install and much more.
• Configuration management tools built from Cisco experience and Cisco Validated Design recommendations.
• Monitoring and troubleshooting capabilities that incorporates Cisco hardware best practices and diagnostics features.
• Automation in managing hardware inventories, security vulnerabilities (PSIRTS) and platform end-of-life and support cycles.
- Borderless Security
- The Cisco Catalyst 2960 Series Switch provides superior Layer 2 threat defense capabilities for mitigating man-in-the-middle attacks (such as MAC, IP and ARP spoofing). TrustSec, a primary element of Borderless Security Architecture, helps enterprise customers secure their networks, data and resources with policy-based access control, identity and role-aware networking, pervasive integrity and confidentiality.
- Threat Defense
Cisco Integrated Security Features is an industry-leading solution available on Cisco Catalyst Switches that proactively protects your critical network infrastructure. Delivering powerful, easy-to-use tools to effectively prevent the most common and potentially damaging Layer 2 security threats, Cisco Integrated Security Features provides robust security throughout the network.
- Port Security secures the access to an access or trunk port based on MAC address. It limits the number of learned MAC addresses to deny MAC address flooding.
- DHCP Snooping prevents malicious users from spoofing a DHCP server and sending out bogus addresses. This feature is used by other primary security features to prevent a number of other attacks such as ARP poisoning.
- Dynamic ARP Inspection (DAI) helps ensure user integrity by preventing malicious users from exploiting the insecure nature of the ARP protocol.
- IP source guard prevents a malicious user from spoofing or taking over another user's IP address by creating a binding table between the client's IP and MAC address, port and VLAN.
- Cisco TrustSec
TrustSec secures access to the network, enforces security policies and delivers standard based security solutions such as 802.1X enabling secure collaboration and policy compliance. TrustSec capabilities reflect Cisco thought leadership, innovations and commitment to customer success. These new capabilities include:
- Flexible authentication that supports multiple authentication mechanisms including 802.1X, MAC Authentication Bypass and web authentication using a single, consistent configuration.
- Open mode that creates a user friendly environment for 802.1X operations.
- Integration of device profiling technology and guest access handling with Cisco switching to significantly improve security while reducing deployment and operational challenges.
- RADIUS Change of Authorization and downloadable calls for comprehensive policy management capabilities.
- 802.1X Supplicant with Network Edge Access Transport (NEAT) enables extended secure access where compact switches in the conference rooms have the same level of security as switches inside the locked wiring closet.
- Other Advanced Security Features
Other Advanced Security features include but are not limited to:
- Private VLANs restrict traffic between hosts in a common segment by segregating traffic at Layer 2, turning a broadcast segment into a nonbroadcast multiaccesslike segment.
- Private VLAN Edge provides security and isolation between switch ports, which helps ensure that users cannot snoop on other users' traffic.
- Multidomain Authentication allows an IP phone and a PC to authenticate on the same switch port while placing them on appropriate voice and data VLAN.
- Port-based ACLs for Layer 2 interfaces allow security policies to be applied on individual switch ports.
- Secure Shell (SSH) Protocol, Kerberos and Simple Network Management Protocol Version 3 (SNMPv3) provide network security by encrypting administrator traffic during Telnet and SNMP sessions. SSH Protocol, Kerberos and the cryptographic version of SNMPv3 require a special cryptographic software image because of U.S. export restrictions.
- Bidirectional data support on the Switched Port Analyzer (SPAN) port allows Cisco Intrusion Detection System (IDS) to take action when an intruder is detected.
- TACACS+ and RADIUS authentication facilitates centralized control of the switch and restricts unauthorized users from altering the configuration.
- MAC Address Notification allows administrators to be notified of users added to or removed from the network.
- Multilevel security on console access prevents unauthorized users from altering the switch configuration.
- Bridge protocol data unit (BPDU) Guard shuts down Spanning Tree PortFast-enabled interfaces when BPDUs are received to avoid accidental topology loops.
- Spanning Tree Root Guard (STRG) prevents edge devices not in the network administrator's control from becoming Spanning Tree Protocol root nodes.
- IGMP filtering provides multicast authentication by filtering out nonsubscribers and limits the number of concurrent multicast streams available per port.
- Dynamic VLAN assignment is supported through implementation of VLAN Membership Policy Server client capability to provide flexibility in assigning ports to VLANs. Dynamic VLAN facilitates the fast assignment of IP addresses.
- Borderless Experience
- Borderless network enables enterprise mobility and business-grade video services. Industry's first unified network (wired and wireless) location services enable tracking of mobile assets and the users of those assets for both wired and wireless devices.
- High Availability and Layer 2 Networking
The 2960 Series switch provides Layer 2 networking to enable resiliency and availability. Other high-availability features include but are not limited to:
- Cross-Stack EtherChannel provides the ability to configure Cisco EtherChannel technology across different members of the Cisco FlexStack for high resiliency.
- Flexlink provides link redundancy with convergence time less than 100 ms.
- IEEE 802.1s/w Rapid Spanning Tree Protocol (RSTP) and Multiple Spanning Tree Protocol (MSTP) provide rapid spanning-tree convergence independent of spanning-tree timers and also offer the benefit of Layer 2 load balancing and distributed processing. Stacked units behave as a single spanning-tree node.
- Per-VLAN Rapid Spanning Tree (PVRST+) allows rapid spanning-tree reconvergence on a per-VLAN spanning-tree basis, without requiring the implementation of spanning-tree instances.
- Switch-port autorecovery (Errdisable) automatically attempts to reactivate a link that is disabled because of a network error.
- Enhanced Quality of Service
The Cisco Catalyst 2960 Series Switch offers intelligent services that keep everything flowing smoothly. Industry-leading mechanisms for marking, classification and scheduling deliver superior performance for data, voice and video traffic, all at wire speed. Following are some of the QoS features supported in the Cisco 2960 Series Switches:
- 802.1p class of service (CoS) and differentiated services code point (DSCP) field classification are provided, using marking and reclassification on a per-packet basis by source and destination IP address, MAC address, or Layer 4 TCP/UDP port number.
- Cisco control-plane and data-plane QoS ACLs on all ports help ensure proper marking on a per-packet basis.
- Four egress queues per port help enable differentiated management of different traffic types across the stack.
- Shaped Round Robin (SRR) scheduling helps ensure differential prioritization of packet flows by intelligently servicing the ingress queues and egress queues.
- Weighted Tail Drop (WTD) provides congestion avoidance at the ingress and egress queues before a disruption occurs.
- Strict priority queuing helps ensure that the highest-priority packets are serviced ahead of all other traffic.
- Trusted Boundary provides the ability to trust the QoS priority settings if an IP phone is present and to disable the trust setting if the IP phone is removed, thereby preventing a malicious user.
- Rate limiting is provided based on source and destination IP address, source and destination MAC address, Layer 4 TCP/UDP information, or any combination of these fields, using QoS ACLs (IP ACLs or MAC ACLs), class maps and policy maps.
- Up to 64 aggregate or individual policers are available per Fast Ethernet or GbE port.
- Location Awareness and Mobility
In order to provide delivery of a best-in-class network experience to end users, it's critical for network access to be location aware. A wide variety of devices can appear on the network, both wired (switches, routers, IP phones, PCs, access points, controllers, video digital media players and so on) and wireless (mobile devices, wireless tags, rogues and so on). In many industries, locating assets is primarily a manual process and is time consuming and error prone. The inability to locate assets in real time and to help ensure their availability when and where they are needed limits reaction time and efficiency.
Location services answer business-critical questions about both mobile assets and the users of those assets regardless of whether those assets are connecting using wired or wireless and hence directly improve their organization's profitability. Network Location Services also improve security and accelerate client troubleshooting by locating an asset, user, or device on the network.
- Network visibility and control provide centralized visibility into wired and wireless devices on the network and their location.
- Location-assisted client troubleshooting enables tracking of wired or wireless clients for quick problem resolution.
- Asset tracking and improved security provide centralized inventory of wired and wireless devices and asset management for improved business processes.
- Location based policy allows greater control and visibility. With EnergyWise, power policies can be set up (to reduce the power or shut down the power from a port) based on the location.
- Cisco Emergency Responder (CER) enhances emergency calling from Cisco Unified CallManager. It helps assure that Cisco Unified CallManager sends emergency calls to the appropriate Public Safety Answering Point (PSAP) for the caller's location.