Cisco Catalyst 3560 User Manual


Data Sheet

Cisco Catalyst 3560 v2 Series Switches

Product Overview

The Cisco® Catalyst® 3560 v2 Series (Figure 1) is a line of next-generation, energy-efficient Layer 3 Fast Ethernet switches. This new series of switches supports Cisco EnergyWise technology, which enables companies to measure and manage power consumption of network infrastructure and network-attached devices, thereby reducing their energy costs and their carbon footprint. The Cisco Catalyst 3560 v2 Series consumes less power than its predecessors and is the ideal access layer switch for enterprise, retail, and branch-office environments, as it maximizes productivity and investment protection by enabling a unified network for data, voice, and video.

Figure 1. Cisco Catalyst 3560 v2 Switches

Cisco Catalyst 3560 v2 Series Highlights

Lower power consumption than its predecessors

Backward compatible - uses the same Cisco IOS® Software image as the 3560 series and has the same feature set

Full EnergyWise support to monitor energy consumption of network infrastructure and implement energy saving programs to reduce energy costs

Compatible with Cisco Redundant Power System (RPS) 2300

All units have a uniform depth of 11.9 inches for better cable management

Preconfigurable with the Cisco IOS Software release at the time of ordering

IPv6 routing included in the IP Services feature set

DC powered stand-alone model

© 2009-2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.


Configurations

The Cisco Catalyst 3560 v2 Series includes the switches described in Table 1.

Table 1. Switch Configurations

| Model | Description |
|---|---|
| 3560V2-24TS | 24 Ethernet 10/100 ports and 2 Small Form-Factor Pluggable (SFP)-based Gigabit Ethernet ports; 1 rack unit (RU) |
| 3560V2-48TS | 48 Ethernet 10/100 ports and 4 SFP-based Gigabit Ethernet ports; 1 RU |
| 3560V2-24PS | 24 Ethernet 10/100 ports with PoE and 2 SFP-based Gigabit Ethernet ports; 1 RU |
| 3560V2-48PS | 48 Ethernet 10/100 ports with PoE and 4 SFP-based Gigabit Ethernet ports; 1 RU |
| 3560V2-24TS-SD | 24 Ethernet 10/100 ports and 2 SFP-based Gigabit Ethernet ports; 1 RU, DC power supply |

Cisco Catalyst 3560 v2 Series Software

The Cisco Catalyst 3560 v2 Series can be purchased with the IP Base or IP Services licenses preinstalled. The IP Base license offers advanced QoS, rate limiting, ACLs, and basic static and Routing Information Protocol (RIP) routing functions. The IP Services license provides a richer set of enterprise-class features, including advanced hardware-based IP unicast and IP Multicast routing as well as policy-based routing (PBR). The Advanced IP Services license, which includes IPv6 routing and IPv6 ACL support, is now included in the IP Services license. Upgrade licenses are available to upgrade a switch from the IP Base license to the IP Services license.

Configurable Cisco IOS Software

The Cisco Catalyst 3560 v2 Series can be preconfigured with a specific Cisco IOS Software release at the time of ordering. This option eliminates the need to reload a specific Cisco IOS Software release during deployment, thereby reducing deployment time and cost. The Cisco IOS Software release to be preloaded can be selected from a list of supported Cisco IOS Software releases, including the crypto version.

Cisco EnergyWise

The Cisco Catalyst 3560 v2 Series supports Cisco EnergyWise, a technology that enables monitoring, reporting, and management of energy consumption by end devices that are Cisco EnergyWise enabled. This technology enables companies to reduce their energy cost and carbon footprint. These are some of the EnergyWise features available:

Discover all Cisco EnergyWise enabled devices on the network.

Monitor and report power consumption by these devices.

Implement business rules to control power to these end devices.

More information about Cisco EnergyWise can be found at http://www.cisco.com/go/energywise.

Power over Ethernet

The Cisco Catalyst 3560 v2 Series can provide a lower total cost of ownership (TCO) for deployments that incorporate Cisco IP phones, Cisco Aironet® wireless LAN (WLAN) access points, or any IEEE 802.3af-compliant end device. PoE eliminates the need for wall power outlets for each PoE-enabled device and significantly reduces the cost for additional electrical cabling that would otherwise be necessary in IP phone and WLAN deployments. The Cisco Catalyst 3560 v2 24-port PoE switch can support Class 3 PoE or 15.4W of PoE power on all 24 ports. Taking advantage of Cisco Catalyst Intelligent Power Management, the Cisco Catalyst 3560 v2 48-port PoE configurations can deliver the necessary power to support 24 ports at 15.4W, 48 ports at 7.7W, or any combination in between. Maximum power availability for a converged voice and data network is attainable when a Cisco Catalyst 3560 v2 series switch is combined with the Cisco Redundant Power System 2300 (RPS 2300) for protection against internal power supply failures and an uninterruptible power supply (UPS) system to safeguard against power outages.


Redundant Power System

The Cisco Catalyst 3560 v2 Series access switches support the new generation of Cisco RPS 2300, which increases availability in a converged data, voice, and video network by providing transparent power backup to two of six attached Cisco Catalyst 3560 v2 Series Switches at the same time. The Cisco Catalyst 3560 v2 Series switches are capable of reverting back to their internal power supply without any service interruption. In addition, the RPS 2300 can be managed via a Cisco Catalyst 3560 v2 Series switch that is connected to the RPS 2300.

Cisco Catalyst 3560 SFP Interconnect Cable

The Cisco Catalyst 3560 SFP Interconnect Cable (see Figure 2) provides for a low-cost point-to-point Gigabit Ethernet connection between Cisco Catalyst 3560 v2 switches. The 50cm cable is an alternative to using SFP transceivers when interconnecting Cisco Catalyst 3560 v2 switches through their SFP ports over a short distance.

Figure 2. Cisco Catalyst 3560 SFP Interconnect Cable

Primary Features and Benefits

Ease of Use and Deployment

The Cisco Catalyst 3560 v2 series offers several ease of use features, which enable fast and easy configuration of advanced Cisco Catalyst capabilities. These features include:

Cisco SmartPorts simplify the configuration of advanced Cisco Catalyst capabilities, encapsulating years of Cisco networking expertise. Cisco SmartPort macros offer a set of verified, pretested, Cisco-recommended switch port configurations or templates per connection type that are easy to apply, enabling users to consistently and reliably configure essential security, IP Telephony, availability, QoS, and manageability features with minimal effort and expertise.

Cisco AutoSmartPorts automatically execute SmartPort macros based on the end device type, such as IP Phones, Desktop Computers, and WLAN Access Points.

Cisco Express Setup simplifies initial configuration with a Web browser, eliminating the need for more complex terminal emulation programs and CLI knowledge.

IEEE 802.3af and Cisco prestandard PoE support comes with automatic discovery to detect a Cisco prestandard or IEEE 802.3af endpoint and provide the necessary power without any user configuration.

DHCP autoconfiguration of multiple switches through a boot server eases switch deployment.


DHCP AutoInstall simplifies the deployment of a large number of switches by automatically downloading a specified Cisco IOS Software image and a configuration file from a TFTP server. This feature can be used to implement a “zero touch deployment”.

DHCP Port Based Allocation allows you to allocate the same IP address for a specified port. The feature allows persistent allocation of IP addresses to specified network devices.

Embedded Event Manager (EEM) is a powerful and flexible tool for management and automation. This feature can be used to monitor network events and program automatic actions based on these network events. Policies can be defined via CLI or Tcl script and can be used in a variety of scenarios, such as automatically backing up a configuration file at a specified time or triggering an alert when traffic congestion crosses a specified threshold. EEM requires the IP Services license.

Configuration Replace and Rollback simplifies configuration management by allowing you to roll back configuration changes. This feature allows you to replace a configuration file with a saved configuration file without a switch reload, and up to 14 configuration files can be saved.

Automatic QoS (Auto QoS) simplifies QoS configuration in voice-over-IP (VoIP) networks by issuing interface and global switch commands to detect Cisco IP phones, classify traffic, and enable egress queue configuration.

Autosensing on each 10/100 port detects the speed of the attached device and automatically configures the port for 10- or 100-Mbps operation, easing switch deployment in mixed 10- and 100-Mbps environments.

Autonegotiating on all ports automatically selects half- or full-duplex transmission mode to optimize bandwidth.

Dynamic Trunking Protocol (DTP) helps enable dynamic trunk configuration across all switch ports.

Port Aggregation Protocol (PAgP) automates the creation of Cisco Fast EtherChannel® groups or Gigabit EtherChannel groups to link to another switch, router, or server.

Link Aggregation Control Protocol (LACP) allows the creation of Ethernet channeling with devices that conform to IEEE 802.3ad. This feature is similar to Cisco EtherChannel technology and PAgP.

DHCP Server enables a convenient deployment option for the assignment of IP addresses in networks that do not have a dedicated DHCP server.

DHCP Relay allows a DHCP relay agent to broadcast DHCP requests to the network DHCP server.

IEEE 802.3z-compliant 1000BASE-SX, 1000BASE-LX/LH, 1000BASE-ZX, 1000BASE-T, and coarse wavelength-division multiplexing (CWDM) physical interface support through a field-replaceable SFP module provides unprecedented flexibility in switch deployment.

Support for the Cisco Catalyst 3560 SFP Interconnect Cable facilitates a low-cost, point-to-point gigabit connection between Cisco Catalyst 3560 v2 Series switches.

The default configuration stored in Flash memory helps ensure that the switch can be quickly connected to the network and can pass traffic with minimal user intervention.

Automatic medium-dependent interface crossover (Auto-MDIX) automatically adjusts transmit and receive pairs if an incorrect cable type (crossover or straight-through) is installed on a 10/100 port.

Time Domain Reflectometry (TDR) helps diagnose and resolve cabling problems on copper Ethernet ports.

Enhanced Security

With the wide range of security features, such as ACLs, authentication, port-level security, and identity based network services (IBNS) with 802.1x and extensions, that the Cisco Catalyst 3560 v2 Series offers, businesses can protect important information, keep unauthorized people off the network, guard privacy, and maintain uninterrupted operation. These security features include:


IEEE 802.1x allows dynamic, port-based security, providing user authentication.

IEEE 802.1x with VLAN assignment allows a dynamic VLAN assignment for a specific user regardless of where the user is connected.

IEEE 802.1x with voice VLAN permits an IP phone to access the voice VLAN irrespective of the authorized or unauthorized state of the port.

IEEE 802.1x and port security are provided to authenticate the port and manage network access for all MAC addresses, including those of the client.

IEEE 802.1x with an ACL assignment allows for specific identity-based security policies regardless of where the user is connected.

IEEE 802.1x with Guest VLAN allows guests without 802.1x clients to have limited network access on the guest VLAN.

IEEE 802.1x Supplicant on the switches can be used to authenticate switches onto the network, thereby preventing unauthorized network devices from being used to expand the network.

IEEE 802.1x Readiness Check eases 802.1x deployment in an enterprise. This feature determines if the client has an 802.1x supplicant by initiating an 802.1x ping.

Open 802.1x allows network communication to take place before an 802.1x authentication. This feature is useful for PXE environments and other applications where network connectivity is required prior to 802.1x authentication. An ACL is used to allow traffic prior to authentication.

Flexible Authentication or FlexAuth can be used to determine the order of authentication methods on the network. For example, if the order is set to 802.1x, MAB, and WebAuth, the network will first try to authenticate via 802.1x, then via MAB, and then via WebAuth.

Multi Authentication or MultiAuth enables up to 8 users to authenticate via the same switch port. This feature includes support for multiple authentication methods, such as 802.1x, MAB, and WebAuth, and per-user ACLs.

Web authentication for non-802.1x clients allows non-802.1x clients to use an SSL-based browser for authentication.

Local Web Authentication is a key feature that allows non-802.1x users to authenticate via a login web page. The user enters the authentication information, such as user ID and password, and is authenticated via a AAA server.

Local Web Authentication Banner allows users to customize the authentication web page.

Multi-Domain Authentication allows an IP phone and a PC to authenticate on the same switch port while placing them on appropriate Voice and Data VLAN.

MAC Auth Bypass (MAB) for voice allows third-party IP phones without an 802.1x supplicant to get authenticated using their MAC address.

Cisco security VLAN ACLs (VACLs) on all VLANs prevent unauthorized data flows from being bridged within VLANs.

Cisco standard and extended IP security router ACLs (RACLs) define security policies on routed interfaces for control- and data-plane traffic.

Port-based ACLs (PACLs) for Layer 2 interfaces allow application of security policies on individual switch ports.

Unicast MAC filtering prevents the forwarding of any type of packet with a matching MAC address.

Unknown unicast and multicast port blocking allows tight control by filtering packets that the switch has not already learned how to forward.


SSHv2, Kerberos, and SNMPv3 provide network security by encrypting administrator traffic during Telnet and SNMP sessions. SSHv2, Kerberos, and the cryptographic version of SNMPv3 require a special cryptographic software image because of U.S. export restrictions.

Private VLAN Edge provides security and isolation between switch ports, helping ensure that users cannot snoop on other users' traffic.

Private VLANs restrict traffic between hosts in a common segment by segregating traffic at Layer 2, turning a broadcast segment into a nonbroadcast multi-access-like segment.

Bidirectional data support on the Switched Port Analyzer (SPAN) port allows the Cisco Secure Intrusion Detection System (IDS) to take action when an intruder is detected.

TACACS+ and RADIUS authentication enable centralized control of the switch and restrict unauthorized users from altering the configuration.

MAC address notification allows administrators to be notified of users added to or removed from the network.

Dynamic ARP Inspection (DAI) helps ensure user integrity by preventing malicious users from exploiting the insecure nature of the ARP protocol.

DHCP snooping allows administrators to help ensure consistent mapping of IP to MAC addresses. This can be used to prevent attacks that attempt to poison the DHCP binding database, and to rate limit the amount of DHCP traffic that enters a switch port.

IP source guard prevents a malicious user from spoofing or taking over another user's IP address by creating a binding table between the client's IP and MAC address, port, and VLAN.

DHCP Interface Tracker (Option 82) augments a host IP address request with the switch port ID.

Port security secures the access to an access or trunk port based on MAC address.

After a specific timeframe, the aging feature removes the MAC address from the switch to allow another device to connect to the same port.

Trusted Boundary provides the ability to trust the QoS priority settings if an IP phone is present and to disable the trust setting if the IP phone is removed, thereby preventing a malicious user from overriding prioritization policies in the network.

Multilevel security on console access prevents unauthorized users from altering the switch configuration.

The user-selectable address-learning mode simplifies configuration and enhances security.

BPDU Guard shuts down Spanning Tree Protocol PortFast-enabled interfaces when BPDUs are received to avoid accidental topology loops.

Spanning-Tree Root Guard (STRG) prevents edge devices not in the network administrator's control from becoming Spanning Tree Protocol root nodes.

IGMP filtering provides multicast authentication by filtering out nonsubscribers and limits the number of concurrent multicast streams available per port.

Dynamic VLAN assignment is supported through implementation of VLAN Membership Policy Server (VMPS) client functions to provide flexibility in assigning ports to VLANs. Dynamic VLAN helps enable the fast assignment of IP addresses.

Cisco Network Assistant software security wizards ease the deployment of security features for restricting user access to a server as well as to a portion of or the entire network.

Two thousand access control entries (ACEs) are supported.
