Rackable Oui
Manageable Oui
Switch Administrable
Vitesse 1 Gigabit
Ports RJ45 24 (10/100/1000 Mbps) + 4 (SFP+ 10G)
PoE Non
Standards IEEE 802.3 10BASE-T Ethernet, IEEE 802.3u 100BASE-TX Fast Ethernet, IEEE 802.3ab 1000BASE-T Gigabit Ethernet, IEEE 802.3ad Link Aggregation Control Protocol, IEEE 802.3z Gigabit Ethernet, IEEE 802.3ae 10 Gbit/s Ethernet over fiber for LAN, IEEE 802.3an 10GBase-T 10 Gbit/s Ethernet over copper twisted pair cable, IEEE 802.3x Flow Control, IEEE 802.1D (STP, GARP, and GVRP), IEEE 802.1Q/p VLAN, IEEE 802.1w Rapid STP, IEEE 802.1s Multiple STP, IEEE 802.1X Port Access Authentication, IEEE 802.3af, IEEE 802.3at, IEEE 802.1AB Link Layer Discovery Protocol, IEEE 802.3az Energy Efficient Ethernet, RFC 768, RFC 783, RFC 791, RFC 792, RFC 793, RFC 813, RFC 826, RFC 879, RFC 896, RFC 854, RFC 855, RFC 856, RFC 858, RFC 894, RFC 919, RFC 920, RFC 922, RFC 950, RFC 951, RFC 1042, RFC 1071, RFC 1123, RFC 1141, RFC 1155, RFC 1157, RFC 1213, RFC 1215, RFC 1286, RFC 1350, RFC 1442, RFC 1451, RFC 1493, RFC 1533, RFC 1541, RFC 1542, RFC 1573, RFC 1624, RFC 1643, RFC 1700, RFC 1757, RFC 1867, RFC 1907, RFC 2011, RFC 2012, RFC 2013, RFC 2030, RFC 2131, RFC 2132, RFC 2233, RFC 2576, RFC 2616, RFC 2618, RFC 2665, RFC 2666, RFC 2674, RFC 2737, RFC 2819, RFC 2863, RFC 3164, RFC 3176, RFC 3411, RFC 3412, RFC 3413, RFC 3414, RFC 3415, RFC 3416, RFC 4330
Capacité de commutation 128 Gbps
Capacité de transfert 95.23 Mpps
Sécurité Security
Secure Shell (SSH) Protocol
SSH is a secure replacement for Telnet traffic. Secure Copy Protocol (SCP) also uses SSH. SSH v1 and v2 are supported
Secure Sockets Layer (SSL)
SSL support: Encrypts all HTTPS traffic, allowing highly secure access to the browser-based management GUI in the switch
IEEE 802.1X (Authenticator role)
802.1X: Remote Authentication Dial-In User Service (RADIUS) authentication and accounting, MD5 hash; guest VLAN; unauthenticated VLAN, single/multiple host mode and single/multiple sessions
Supports time-based 802.1X; dynamic VLAN assignment
Web-based authentication
Web-based authentication provides network admission control through web browser to any host devices and operating systems
STP Bridge Protocol Data Unit (BPDU) Guard
A security mechanism to protect the network from invalid configurations. A port enabled for BPDU Guard is shut down if a BPDU message is received on that port. This avoids accidental topology loops
STP Root Guard
This prevents edge devices not in the network administrator's control from becoming Spanning Tree Protocol root nodes
STP loopback guard
Provides additional protection against Layer 2 forwarding loops (STP loops)
DHCP snooping
Filters out DHCP messages with unregistered IP addresses and/or from unexpected or untrusted interfaces. This prevents rogue devices from behaving as DHCP Servers.
IP Source Guard (IPSG)
When IP Source Guard is enabled at a port, the switch filters out IP packets received from the port if the source IP addresses of the packets have not been statically configured or dynamically learned from DHCP snooping. This prevents IP address spoofing.
Dynamic ARP Inspection (DAI)
The switch discards ARP packets from a port if there are no static or dynamic IP/MAC bindings or if there is a discrepancy between the source or destination addresses in the ARP packet. This prevents man-in-the-middle attacks.
IP/MAC/Port Binding (IPMB)
The preceding features (DHCP Snooping, IP Source Guard, and Dynamic ARP Inspection) work together to prevent DOS attacks in the network, thereby increasing network availability
Secure Core Technology (SCT)
Makes sure that the switch will receive and process management and protocol traffic no matter how much traffic is received
Secure Sensitive Data (SSD)
A mechanism to manage sensitive data (such as passwords, keys, and so on) securely on the switch, populating this data to other devices, and secure autoconfig. Access to view the sensitive data as plaintext or encrypted is provided according to the user-configured access level and the access method of the user.
Trustworthy systems
Trustworthy systems provide a highly secure foundation for Cisco products
Run-time defenses (Executable Space Protection [X-Space], Address Space Layout Randomization [ASLR], Built-In Object Size Checking [BOSC])
Private VLAN
Private VLAN provides security and isolation between switch ports, which helps ensure that users cannot snoop on other users' traffic; supports multiple uplinks
Layer 2 isolation Private VLAN Edge (PVE) with community VLAN
PVE (also known as protected ports) provides Layer 2 isolation between devices in the same VLAN, supports multiple uplinks
Port security
Ability to lock source MAC addresses to ports and limits the number of learned MAC addresses
RADIUS/TACACS+
Supports RADIUS and TACACS authentication. Switch functions as a client
RADIUS accounting
The RADIUS accounting functions allow data to be sent at the start and end of services, indicating the amount of resources (such as time, packets, bytes, and so on) used during the session
Storm control
Broadcast, multicast, and unknown unicast
DoS prevention
Denial-of-Service (DOS) attack prevention
Multiple user privilege levels in CLI
Level 1, 7, and 15 privilege levels
ACLs
Support for up to 1,024 rules
Drop or rate limit based on source and destination MAC, VLAN ID, IPv4 or IPv6 address, IPv6 flow label, protocol, port, Differentiated Services Code Point (DSCP)/IP precedence, Transmission Control Protocol/User Datagram Protocol (TCP/UDP) source an destination ports, 802.1p priority, Ethernet type, Internet Control Message Protocol (ICMP) packets, IGMP packets, TCP flag; ACL can be applied on both ingress and egress sides
Time-based ACLs supported
RAM Buffer 1.5 Mbit
Fonction réseau Layer 2 Switching
Spanning Tree Protocol
Standard 802.1d Spanning Tree support
Fast convergence using 802.1w (Rapid Spanning Tree [RSTP]), enabled by default
Multiple Spanning Tree instances using 802.1s (MSTP); 8 instances are supported
Per-VLAN Spanning Tree Plus (PVST+) and Rapid PVST+ (RPVST+); 126 instances are supported
Port grouping/link aggregation
Support for IEEE 802.3ad Link Aggregation Control Protocol (LACP)
● Up to 8 groups
● Up to 8 ports per group with 16 candidate ports for each (dynamic) 802.3ad link aggregation
VLAN
Support for up to 4,094 VLANs simultaneously
Port-based and 802.1Q tag-based VLANs; MAC-based VLAN; protocol-based VLAN; IP subnet-based VLAN
Management VLAN
Private VLAN with promiscuous, isolated, and community port
Private VLAN Edge (PVE), also known as protected ports, with multiple uplinks
Guest VLAN, unauthenticated VLAN
Dynamic VLAN assignment via RADIUS server along with 802.1x client authentication
CPE VLAN
Voice VLAN
Voice traffic is automatically assigned to a voice-specific VLAN and treated with appropriate levels of QoS. Auto voice capabilities deliver network wide zero-touch deployment of voice endpoints and call control devices
Multicast TV VLAN
Multicast TV VLAN allows the single multicast VLAN to be shared in the network while subscribers remain in separate VLANs. This feature is also known as Multicast VLAN Registration (MVR)
VLAN Translation
Support for VLAN One-to-One Mapping. In VLAN One-to-One Mapping, on an edge interface customer VLANs (C-VLANs) are mapped to service provider VLANs (S-VLANs) and the original C-VLAN tags are replaced by the specified S-VLAN
Q-in-Q
VLANs transparently cross a service provider network while isolating traffic among customers
Selective Q-in-Q
Selective Q-in-Q is an enhancement to the basic Q-in-Q feature and provides, per edge interface, multiple mappings of different C-VLANs to separate S-VLANs
Selective Q-in-Q also allows configuring of Ethertype (Tag Protocol Identifier [TPID]) of the S-VLAN tag
Layer 2 protocol tunneling over Q-in-Q is also supported
Generic VLAN Registration Protocol (GVRP)/Generic Attribute Registration Protocol (GARP)
Generic VLAN Registration Protocol (GVRP) and Generic Attribute Registration Protocol (GARP) enable automatic propagation and configuration of VLANs in a bridged domain
Unidirectional Link Detection (UDLD)
UDLD monitors physical connection to detect unidirectional links caused by incorrect wiring or cable/port faults to prevent forwarding loops and black holing of traffic in switched networks
Dynamic Host Configuration Protocol (DHCP) Relay at Layer 2
Relay of DHCP traffic to DHCP server in different VLAN; works with DHCP Option 82
Internet Group Management Protocol (IGMP) versions 1, 2, and 3 snooping
IGMP limits bandwidth-intensive multicast traffic to only the requesters; supports 2K multicast groups (source-specific multicasting is also supported)
IGMP Querier
IGMP querier is used to support a Layer 2 multicast domain of snooping switches in the absence of a multicast router
Head-of-Line (HOL) blocking
HOL blocking prevention
Loopback Detection
Loopback detection provides protection against loops by transmitting loop protocol packets out of ports on which loop protection has been enabled. It operates independently of STP
Layer 3
IPv4 routing
Wirespeed routing of IPv4 packets
Up to 990 static routes and up to 128 IP interfaces
IPv6 routing
Wirespeed routing of IPv6 packets
Layer 3 Interface
Configuration of Layer 3 interface on physical port, Link Aggregation (LAG), VLAN interface, or loopback interface
Classless Interdomain Routing (CIDR)
Support for classless interdomain routing
RIP v2
Support for Routing Information Protocol version 2 for dynamic routing
Policy-Based Routing (PBR)
Flexible routing control to direct packets to different next hop based on IPv4 or IPv6 Access Control List (ACL)
DHCP Server
Switch functions as an IPv4 DHCP server serving IP addresses for multiple DHCP pools/scopesvSupport for DHCP options
DHCP relay at Layer 3
Relay of DHCP traffic across IP domains
User Datagram Protocol (UDP) relay
Relay of broadcast information across Layer 3 domains for application discovery or relaying of Bootstrap Protocol (BOOTP)/DHCP packets
Stacking
Hardware stacking
Up to 4 units in a stack. Up to 192 ports managed as a single system with hardware failover
Stacking is supported on the following models
CBS350-24T-4X, CBS350-24P-4X, CBS350-24FP-4X, CBS350-48T-4X, CBS350-48P-4X, CBS350-48FP-4X
CBS350-8MP-2X, CBS350-24MGP-4X, CBS350-12NP-4X, CBS350-24NGP-4X, CBS350-48NGP-4X
CBS350-8XT, CBS350-12XS, CBS350-12XT, CBS350-16XTS, CBS350-24XS, CBS350-24XT, CBS350-24XTS, CBS350-48XT-4X
High availability
Fast stack failover delivers minimal traffic loss. Support link aggregation across multiple units in a stack
Plug-and-play stacking configuration/management
Active/standby for resilient stack control
Autonumbering
Hot swap of units in stack
Ring and chain stacking options, auto stacking port speed, flexible stacking port options
High-speed stack interconnects
Cost-effective high-speed 10G fiber interfaces.
Caractéristiques Supported SFP modules : MGBSX1 Multimode fiber 1000 Mbps 500 m
MGBLX1 Single-mode fiber 1000 Mbps 10 km
MGBLH1 Single-mode fiber 1000 Mbps 40 km
MGBT1 UTP cat 5e 1000 Mbps 100 m
GLC-SX-MMD Multimode fiber 1000 Mbps 550 m
GLC-LH-SMD Single-mode fiber 1000 Mbps 10 km
GLC-BX-U Single-mode fiber 1000 Mbps 10 km
GLC-BX-D Single-mode fiber 1000 Mbps 10 km
GLC-TE UTP cat 5e 1000 Mbps 100 m
SFP-H10GB-CU1M
Consommation 27.25W
Alimentation AC 100/240 V (50/60 Hz)
Accessoires fournis ● Cisco Business 350 Series Smart Switch
● Power cord (power adapter for 8-port and 16-port SKUs)
● Mounting kit
● Quick Start Guide
Réf. constructeur CBS350-24T-4X-EU
Constructeur Cisco
Garantie Garantie à vie limité (retour constructeur)