Cisco Systems 2950-24 manual Networkwide, Security features, Quality of Service, Layer 2 QoS

Page 7

Feature

Benefit

 

 

Security

 

 

 

Networkwide

• A private VLAN edge provides security and isolation between ports on a switch, ensuring

security features

that voice traffic travels directly from its entry point to the aggregation device through a

 

virtual path and cannot be directed to a different port.

 

• Support for the 802.1x standard allows users to be authenticated regardless of which LAN

 

ports they are accessing, and it provides unique benefits to customers who have a large

 

base of mobile (wireless) users accessing the network.

 

• 802.1x with voice VLAN permits an IP phone access to the voice VLAN regardless of the

 

authorized or unauthorized state of the port.

 

• 802.1x with Port Security authenticates the port and manages network access for all MAC

 

addresses, including that of the client.

 

• Port Security secures the access to a port based on the MAC address of a user’s device.

 

The aging feature removes the MAC address from the switch after a specific time to allow

 

another device to connect to the same port.

 

• MAC Address Notification allows administrators to be notified of new users added or

 

removed from the network.

 

• Multilevel security on console access prevents unauthorized users from altering the

 

switch configuration.

 

• Trusted Boundary provides the ability to trust the QoS priority settings if an IP phone is

 

present and disable the trust setting in the event that the IP phone is removed, thereby

 

preventing a rogue user from overriding prioritization policies in the network.

 

• TACACS+ and RADIUS authentication enables centralized control of the switch and

 

restricts unauthorized users from altering the configuration.

 

• SNMPv3 (non-crypto) monitors and controls network devices, manages configurations,

 

statistics collection, performance, and security.

 

• Cisco CMS software security wizards ease the deployment of security features for

 

restricting user access to a server, a portion of the network, or access to the network.

 

 

Quality of Service

 

 

 

Layer 2 QoS

• Support for reclassifying frames is based either on 802.1p class-of-service (CoS) value or

 

default CoS value per port assigned by network manager.

 

• Four queues per egress port are supported in hardware.

 

• The Weighted Round Robin (WRR) scheduling algorithm ensures that low-priority queues

 

are not starved.

 

• Strict priority queue configuration via Strict Priority Scheduling ensures that

 

time-sensitive applications such as voice always follow an expedited path through the

 

switch fabric.

 

 

Cisco Systems, Inc.

All contents are Copyright © 1992–2003 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.

Page 7 of 15

Page 6 Page 8
Image 7
Page 6 Page 8
Contents Product Overview Data SheetPage Network Security Network Availability Network ControlNetwork Management Feature Benefit Product Features and BenefitsAvailability Networkwide Security featuresQuality of Service SecuritySuperior ManagementManageability CiscoWorks Cisco ClusterManagement Suite Support forFeature Performance Product SpecificationsFeature Description Feature Description/Part NumbersIndicators ConnectorsSwitch PowerRegulatory Agency Approvals Ordering Information Service and SupportService and Support Features Benefits Model Numbers ConfigurationFor More Information
Top Page Image Contents