1-13
Catalyst 3750 SwitchSoftware Configuration Guide
OL-8550-09
Chapter1 Overview
Features
Support for 3DES and AES with version 3 of the Simple Network Management Protocol (SNMPv3).
This release adds support for the 168-bit Triple Data Encryption Standard (3DES) and the 128-bit,
192-bit, and 256-bit Advanced Encryption Standard (AES) encryption algorithms to SNMPv3.
Support for the Security Group Tag (SCT) Exchange Protocol (SXP) component of Cisco TrustSec,
a security architecture using authentication, encryption, and access control.
QoS and CoS Features
Automatic QoS (auto-QoS) to simplify the deployment of existing QoS features by classifying
traffic and configuring egress queues
Automatic quality of service (QoS) Voice over IP (VoIP) enhancement for port -based trust of DSCP
and priority queuing for egress traffic
Cross-stack QoS for configuring QoS features to all switches in a switch stack rather than on an
individual-switch basis
Classification
IP type-of-service/Differentiated Services Code Point (IP ToS/DSCP) and IEEE 802.1p CoS
marking priorities on a per-port basis for protecting the performance of mission-critical
applications
IP ToS/DSCP and IEEE 802.1p CoS marking based on flow-based packet classification
(classification based on information in the MAC, IP, and TCP/UDP headers) for
high-performance quality of service at the network edge, allowing for differentiated service
levels for different types of network traffic and for prioritizing mission-critical traffic in the
network
Trusted port states (CoS, DSCP, and IP precedence) within a QoS domain and with a port
bordering another QoS domain
Trusted boundary for detecting the presence of a Cisco IP Phone, trusting the CoS value
received, and ensuring port security
Policing
Traffic-policing policies on the switch port for managing how much of the port bandwidth
should be allocated to a specific traffic flow
If you configure multiple class maps for a hierarchical policy map, each class map can be
associated with its own port-level (second-level) policy map. Each second-level policy map can
have a different policer.
Aggregate policing for policing traffic flows in aggregate to restrict specific applications or
traffic flows to metered, predefined rates
Out-of-Profile
Out-of-profile markdown for packets that exceed bandwidth utilization limits
Ingress queueing and scheduling
Two configurable ingress queues for user traffic (one queue can be the priority queue)
Weighted tail drop (WTD) as the congestion-avoidance mechanism for managing the queue
lengths and providing drop precedences for different traffic classifications
Shaped round robin (SRR) as the scheduling service for specifying the rate at which packets are
sent to the stack ring (sharing is the only supported mode on ingress queues)