Cisco Catalyst 2960-24TC-S, Catalyst 2960G-24TC, Catalyst 2960-24PC-S, Catalyst 2960-24LC-S, Catalyst 2960-48TT-S Datasheet

Data Sheet

Cisco Catalyst 2960 LAN Lite Series Switches Data Sheet

Product Overview

Cisco® Catalyst® 2960 Series Switches with LAN Lite software are fixed-configuration, standalone switches that
provide desktop Fast Ethernet connectivity for entry-level wiring closet and small branch-office networks (Figure 1).
These switches simplify the migration from non-intelligent hubs and unmanaged switches to a fully scalable
managed network.

Cisco Catalyst 2960 Series Switches have lower cost of ownership with features such as intelligent switch
configuration using Auto Smart Ports, installation with Auto Install and enhanced troubleshooting to facilitate ease of
use. Comprehensive management tools such as Cisco Network Assistant provide ongoing management and
monitoring of switches.

Services integrating voice, video, and wireless applications are possible using the Cisco Catalyst 2960 Series LAN
Lite Switches. Power over Ethernet (POE) and quality of service (QoS) provide comprehensive service delivery for
entry-level customers.

Security capabilities that are pervasive in the network are critical for secure operations, and end-to-end security is
obtained using the Cisco Catalyst 2960 Series Switches with LAN Lite software. An array of Cisco security solutions
is available, including Cisco Clean Access NAC-based solutions.

Overall, the functionality available in Cisco Catalyst 2960 Series Switches with LAN Lite software provides peace of
mind when dealing with today’s network operations and lowers cost of ownership for customers.

Figure 1. Cisco Catalyst 2960 LAN Lite Series Highlights

The Cisco Catalyst 2960 LAN Lite Switches offer:

●

Both 24 and 48 port POE is available using 802.3af class 3 with 370 Watt power capacity.

●

Dual-purpose uplinks for Gigabit Ethernet uplink flexibility, allowing use of either a copper or a fiber uplink. A
dual-purpose uplink port has one 10/100/1000 Ethernet port and one Small Form-Factor Pluggable (SFP)­based Gigabit Ethernet port, with one port active at a time

●

Scalable and secure ease of use functionality such as auto configuration with Auto Smart Ports and easy
installation with Auto Install to lower total cost of ownership.

●

Enhanced troubleshooting for problem solving including link connectivity and cable diagnostics

●

QoS for traffic classification and shaping to prioritize various applications including voice, video, and multicast
applications.

© 2009 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 1 of 14

Data Sheet

●

Single IP address, syslog, and Simple Network Management Protocol (SNMP) management for a stack of up
to 16 switches

●

Baseline Network Admission Control based on users, ports, and MAC addresses

●

Limited lifetime hardware warranty

●

Software updates at no additional cost

Configurations

Table 1. Shows the Cisco Catalyst 2960 LAN Lite Series configurations.

Model Access Ports Uplinks

Cisco Catalyst 2960-8TC-S 8 10/100 1 Dual Purpose (10/100/1000BASE-T or SFP)
Cisco Catalyst 2960-24-S 24 10/100 None
Cisco Catalyst 2960-24TC-S 24 10/100 2 dual-purpose (10/100/1000BASE-T or SFP)
Cisco Catalyst 2960-24PC-S 24 10/100 PoE 2 dual-purpose (10/100/1000BASE-T or SFP)
Cisco Catalyst 2960-24LC-S 24 10/100 (8 PoE) 2 dual-purpose (10/100/1000BASE-T or SFP)
Cisco Catalyst 2960-48TT-S 48 10/100 2 fixed 10/100/1000
Cisco Catalyst 2960-48TC-S 48 10/100 2 dual-purpose (10/100/1000BASE-T or SFP)
Cisco Catalyst 2960-48PST-S 48 10/100 PoE 2 10/100/1000BASE-T ports and 2 SFP ports

Primary Features and Benefits

Easy Deployment and Network Management

The Cisco Catalyst 2960 LAN Lite Series offers several ease of use features, which enable fast and easy
configuration and installation of the switches into the network. Lowering the total cost of ownership and simplifying
network operation are primary reasons for using the Cisco Catalyst 2960 switches. These features include:

●

Cisco Auto SmartPorts simplify the configuration of advanced Cisco Catalyst capabilities, encapsulating
years of Cisco networking expertise. As devices connect to the switch automatic port, configuration is
enabled, allowing a plug and play of the device onto the network. For example, an IP phone connecting to the
switch will configure the switch port with Cisco best practices for QoS and create a voice VLAN. Cisco
SmartPort macros offer a set of verified, pretested, Cisco recommended switch port configurations per
connection type that are easy to apply, enabling users to consistently and reliably configure essential
security, IP telephony, availability, QoS, and manageability features with minimal effort and expertise.

●

Cisco Express Setup simplifies initial configuration with a web browser, eliminating the need for more
complex terminal emulation programs and CLI knowledge.

●

Auto Install utilizes Dynamic Host Configuration Protocol (DHCP) based auto-configuration and image
upgrade. This feature automatically downloads the configuration file, Cisco IOS® Software image, allocates
an IP address and hostname for the switch. This feature can be used to implement a “zero touch
deployment.”

●

Cisco Network Assistant is a no cost, Windows-based application that simplifies the administration of
networks of up to 250 users. It supports a wide range of Cisco Catalyst intelligent switches from Cisco
Catalyst 2960 through Cisco Catalyst 4506. With Cisco Network Assistant, users can manage Cisco Catalyst
switches plus launch the device managers of Cisco integrated services routers and Cisco Aironet WLAN
access points.

●

Enhanced Troubleshooting is possible with an extensive array of debug diagnostic commands and system
health checks within the switch.

●

Time Domain Reflectometry (TDR) to diagnose and resolve cabling problems on copper Ethernet ports.

© 2009 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 2 of 14

Data Sheet

●

Autosensing on each 10/100 port detects the speed and duplex of the attached device and automatically
configures the port for 10- or 100-Mbps operation, easing switch deployment in mixed 10- and 100-Mbps
environments.

●

Automatic medium-dependent interface crossover (Auto-MDIX) automatically adjusts transmit and receive
pairs if an incorrect cable type (crossover or straight-through) is installed on a copper port.

●

Multifunction LEDs per port for port status; half-duplex and full-duplex mode; and 10BASE-T, 100BASE-TX,
and 1000BASE-T indication as well as switch-level status LEDs for the system and a redundant power supply
provide a comprehensive and convenient visual management system.

Cisco Network Assistant is a PC-based network-management application optimized for LANs with up to 250 users.
Offering centralized management of Cisco switches, routers, and wireless LAN (WLAN) access points, it supports a
wide range of Cisco Catalyst intelligent switches from the Cisco Catalyst 2960 through the Cisco Catalyst 4506
Switch. Through a user-friendly GUI, you can configure and manage a wide array of switch functions and start the
device manager of Cisco routers and Cisco wireless access points. You can perform tasks to configure the switch for
voice, video and multicast traffic using QoS and upgrade IOS is a simple one click upgrade. The Security wizard
automatically restricts unauthorized access to servers with sensitive data. Smartports and wizards save time for
network administrators, reduce human errors, and help ensure that the configuration of the switch is optimized for
these applications. You can download Cisco Network Assistant from the Cisco website for free

http://www.cisco.com/go/cna. The easy-to-use graphical interface provides both a topology map and front-panel view

of switches.
In addition to Cisco Network Assistant, Cisco Catalyst 2960 LAN Lite Switches provide for extensive management

using SNMP network-management platforms such as the CiscoWorks LAN Management Solution (LMS).
CiscoWorks LMS is a suite of powerful management tools that simplify the configuration, administration, monitoring,
and troubleshooting of Cisco networks. It integrates these capabilities into a world-class solution for improving the
accuracy and efficiency of your operations staff, while increasing the overall availability of your network. It supports
more than 400 different device types, providing:

●

Network discovery, topology views, end-station tracking, and VLAN management

●

Real-time network fault analysis with easy-to-deploy device-specific best-practice templates

●

Hardware and software inventory management, centralized configuration tools, and syslog monitoring

●

Network response time and availability monitoring and tracking

●

Real-time device, link, and port traffic management, analysis, and reporting

Intelligent Power over Ethernet (PoE) Management

The Cisco Catalyst 2960 LAN Lite Series can provide a lower total cost of ownership (TCO) for deployments that
incorporate Cisco IP phones, Cisco Aironet® wireless LAN (WLAN) access points, or any IEEE 802.3af-compliant
end device. PoE eliminates the need for wall power outlets for each PoE-enabled device and significantly reduces
the cost for additional electrical cabling that would otherwise be necessary in IP phone and WLAN deployments.
Taking advantage of Cisco Catalyst Intelligent Power Management, the Cisco Catalyst 2960 LAN Lite 48-port PoE
configurations can deliver the necessary power to support 24 ports at 15.4W, 48 ports at 7.7W, or any combination
in between. The 24 port switch models provide Class 3 PoE or 15.4W of PoE power on all 24 ports.

Key features for PoE include:

●

Cisco Discovery Protocol version 2 allows the Cisco Catalyst 2960 LAN Lite Series Switch to negotiate a
more granular power setting when connecting to a Cisco powered device, such as IP phones or access
points, than what is provided by IEEE classification.

© 2009 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 3 of 14

Data Sheet

●

Per Port PoE Power Sensing measures actual power being drawn, enabling more intelligent control of
powered devices.

●

PoE MIB provides proactive visibility into power usage for monitoring and troubleshooting.

●

Link Layer Discovery Protocol (LLDP) link layer discovery protocol for interoperability in multivendor
networks. Switches exchange speed, duplex, and power settings with end devices such as IP phones.

Integrated Service Delivery with QoS and Multicast:

Prioritization of traffic is critical to many network services such as voice, video and wireless and the Catalyst Cisco
Catalyst 2960 LAN Lite Switches help ensure that network traffic congestion is avoided allowing business critical
applications to perform without degradation. To implement QoS, the Cisco Catalyst 2960 Series Switches first
identify traffic flows or packet groups, and then classify or reclassify these groups using Class of Service (CoS). The
Cisco Catalyst 2960 LAN Lite Switches support hardware based QoS with no performance degradation including
four egress queues per port, giving your network administrators more control in assigning priorities for the various
applications on the LAN. At egress, the switches perform congestion control and scheduling, the algorithm or
process that determines the order in which queues are processed. The Cisco Catalyst 2960 LAN Lite Switches
support Shaped Round Robin (SRR) and Strict Priority Queuing. The SRR algorithm helps ensure differential
prioritization and helps ensure excellent network performance with line rate traffic loads.

Multicast is a key capability available in the Catalyst switches that can efficiently deliver high bandwidth applications
across the network and optimize network performance saving bandwidth. It supports distributed applications and
enables next generation multimedia applications including: Corporate Communications, E-learning, IP Video
Surveillance, High Definition Video, and distribution of data to desktops in a scalable, reliable and efficient manner.
Cisco Catalyst 2960 LAN Lite Switches support layer 2 Multicast traffic and use protocols to allow customer to deploy
streaming video applications in the network and benefit from bandwidth saving provided.

Key features for integrated service delivery include:

●

Voice VLAN simplifies telephony installations by keeping voice traffic on a separate VLAN for easier
administration and troubleshooting.

●

Cisco VLAN Trunking Protocol (VTP) supports dynamic VLANs and dynamic trunk configuration across all
switches.

●

Standard 802.1p CoS and DSCP field classification are provided, using marking and reclassification on a
per-packet basis by source and destination IP address, source and destination MAC address, or Layer 4 TCP
or UDP port number.

●

Four egress queues per port enable differentiated management of up to four traffic types.

●

Shaped Round Robin (SRR) scheduling helps ensure differential prioritization of packet flows by intelligently
servicing the ingress and egress queues.

●

Weighted tail drop (WTD) provides congestion avoidance at the ingress and egress queues before a
disruption occurs.

●

Strict priority queuing guarantees that the highest-priority packets are serviced ahead of all other traffic.

●

Internet Group Management Protocol Version 3 (IGMPv3) snooping provides fast client joins and leaves of
multicast streams and limits bandwidth-intensive video traffic.

●

IGMP filtering provides multicast authentication by filtering out no subscribers and limits the number of
concurrent multicast streams available per port.

© 2009 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 4 of 14

Data Sheet

Security

The Cisco Catalyst 2960 LAN Lite Switches support security features that can help your business protect important
information, keep unauthorized people off the network, guard privacy, and maintain uninterrupted operation.

The Cisco Identity-Based Networking Services (IBNS) solution provides authentication, access control, and security
policy administration to secure network connectivity and resources. Cisco IBNS in the Cisco Catalyst 2960 LAN Lite
Series prevents unauthorized access and helps ensure that users get only their designated privileges.

With Cisco IBNS you can dynamically administer granular levels of network access. Using the 802.1x standard and
the Cisco Secure Access Control Server (ACS), you can assign users a VLAN upon authentication, regardless of
where they connect to the network. This setup allows your IT department to enable strong security policies without
compromising user mobility, and with minimal administrative overhead.

You can use port security to limit access on an Ethernet port based on the MAC address of the device to which it is
connected. You also can use it to limit the total number of devices plugged into a switch port, thereby protecting the
switch from a MAC flooding attack as well as reducing the risks of rogue wireless access points or hubs.

You can use the MAC Address Notification feature to monitor the network and track users by sending an alert to a
management station so that your network administrators know when and where users entered the network. Secure
Shell Protocol Version 2 (SSHv2) and SNMPv3 encrypt administrative and network-management information,
protecting your network from tampering or eavesdropping. TACACS+ or RADIUS authentication enables centralized
access control of switches and restricts unauthorized users from altering the configurations. Alternatively, you can
configure a local username and password database on the switch itself. Fifteen levels of authorization on the switch
console and two levels on the web-based management interface allow you to give different levels of configuration
capabilities to different administrators.

Key security features include:

●

IEEE 802.1x allows dynamic, port-based security, providing user authentication.

●

IEEE 802.1x with VLAN assignment allows a dynamic VLAN assignment for a specific user regardless of
where the user is connected.

●

IEEE 802.1x with voice VLAN permits an IP phone to access the voice VLAN irrespective of the authorized
or unauthorized state of the port.

●

IEEE 802.1x and port security are provided to authenticate the port and manage network access for all MAC
addresses, including those of the client.

●

IEEE 802.1x with Guest VLAN allows guests without 802.1x clients to have limited network access on the
guest VLAN.

●

MAC Auth Bypass (MAB) for voice or data devices allows controlled network access without 802.1x
supplicant to get authenticated using their MAC address.

●

Unicast MAC filtering prevents the forwarding of any type of packet with a matching MAC address.

●

SSHv2 and SNMPv3 provide network security by encrypting administrator traffic during Telnet and SNMP
sessions. SSHv2 and the cryptographic version of SNMPv3 require a special cryptographic software image
because of U.S. export restrictions.

●

TACACS+ and RADIUS authentication enables centralized control of the switch and restricts unauthorized
users from altering the configuration.

●

MAC address notification allows administrators to be notified of users added to or removed from the
network.

●

Per-port broadcast, multicast, and unicast storm control and CPU queues prevents faulty end stations
from degrading overall systems performance and denial of service attacks.

© 2009 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 5 of 14