Cisco Systems 3560 Manual De Usuario

Inter-Switch Link (ISL) and IEEE 802.1Q trunking encapsulation on all ports for network moves, 
adds, and changes; management and control of broadcast and multicast traffic; and network security 
by establishing VLAN groups for high-security users and network resources

Dynamic Trunking Protocol (DTP) for negotiating trunking on a link between two devices and for 
negotiating the type of trunking encapsulation (IEEE 802.1Q or ISL) to be used

VLAN Trunking Protocol (VTP) and VTP pruning for reducing network traffic by restricting 
flooded traffic to links destined for stations receiving the traffic

Voice VLAN for creating subnets for voice traffic from Cisco IP Phones

VLAN 1 minimization for reducing the risk of spanning-tree loops or storms by allowing VLAN 1 
to be disabled on any individual VLAN trunk link. With this feature enabled, no user traffic is sent 
or received on the trunk. The switch CPU continues to send and receive control protocol frames.

Private VLANs to address VLAN scalability problems, to provide a more controlled IP address 
allocation, and to allow Layer 2 ports to be isolated from other ports on the switch

Port security on a PVLAN host to limit the number of MAC addresses learned on a port, or define 
which MAC addresses may be learned on a port

VLAN Flex Link Load Balancing to provide Layer 2 redundancy without requiring Spanning Tree 
Protocol (STP). A pair of interfaces configured as primary and backup links can load balance traffic 
based on VLAN.

IP Service Level Agreements (IP SLAs) support to measure network performance by using active 
traffic monitoring

IP SLAs EOT to use the output from IP SLAs tracking operations triggered by an action such as 
latency, jitter, or packet loss for a standby router failover takeover 

Web authentication to allow a supplicant (client) that does not support IEEE 802.1x functionality to 
be authenticated using a web browser

Local web authentication banner so that a custom banner or an image file can be displayed at a web 
authentication login screen

MAC authentication bypass (MAB) aging timer to detect inactive hosts that have authenticated after 
they have authenticated by using MAB

Password-protected access (read-only and read-write access) to management interfaces (device 
manager, Network Assistant, and the CLI) for protection against unauthorized configuration 
changes

Multilevel security for a choice of security level, notification, and resulting actions

Static MAC addressing for ensuring security

Protected port option for restricting the forwarding of traffic to designated ports on the same switch

Port security option for limiting and identifying MAC addresses of the stations allowed to access 
the port

VLAN aware port security option to shut down the VLAN on the port when a violation occurs, 
instead of shutting down the entire port.

Port security aging to set the aging time for secure addresses on a port

BPDU guard for shutting down a Port Fast-configured port when an invalid configuration occurs