Cisco Cisco IOS Software Release 12.2(25)SEC Aggregierten Daten
All contents are Copyright © 1992–2005 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Page 1 of 5
Product Bulletin No. 3011
New Cisco IOS Software Release 12.2(25)SEC for
Cisco Catalyst 3750, Catalyst 3560, Catalyst 3550,
and Catalyst 2970 Series Switches
Cisco Catalyst 3750, Catalyst 3560, Catalyst 3550,
and Catalyst 2970 Series Switches
Cisco Systems
®
announces Cisco IOS
®
Software updates for Cisco
®
Catalyst
®
3750, Catalyst 3560, Catalyst 3550, and
Catalyst 2970 series Intelligent Ethernet switches. This new release furthers Cisco leadership in providing secure, reliable,
and feature-rich LAN switching solutions.
OVERVIEW
This product bulletin contains content and delivery information for Cisco IOS Software Release 12.2(25)SEC.
The following new features are available with Cisco IOS Software Release 12.2(25)SEC:
•
NAC L2 802.1x—NAC L2 802.1x enables a switch to enforce network access privileges based on information such as the revision of anti-virus
software or OS level patches running on the end station. This feature uses the 802.1X port authentication mechanism to allow an agent running on
the end station to provide Network Admission Control (NAC) information to the AAA server along with the authentication credentials. The AAA
server can direct the end station into an appropriate VLAN based on the NAC information.
the end station to provide Network Admission Control (NAC) information to the AAA server along with the authentication credentials. The AAA
server can direct the end station into an appropriate VLAN based on the NAC information.
•
NAC L2 IP—NAC L2 IP enables a switch to enforce network access privileges based on information such as the revision of anti-virus software
or OS level patches running on the end station. This feature detects end stations by snooping ARP and DHCP requests, which allows it to support
multiple end stations connected to a single port. The switch validates newly discovered stations by using the EAP over UDP (EoU) protocol to
communicate with a AAA server and uses port ACLs to enforce the appropriate network access based on the NAC information.
multiple end stations connected to a single port. The switch validates newly discovered stations by using the EAP over UDP (EoU) protocol to
communicate with a AAA server and uses port ACLs to enforce the appropriate network access based on the NAC information.
•
Virtual Routing and Forwarding (VRF) Lite—VRF Lite allows the customer to configure multiple private routing domains on the switch;
each domain has its own routing table, and potentially overlapping network addresses can be routed within each separate domain without conflict.
VLANs can be configured to participate in one VRF domain.
VLANs can be configured to participate in one VRF domain.
•
IEEE 802.1s Compliance—This enhancement brings the Cisco Multiservice Transport Protocol (MSTP) implementation up to the IEEE 802.1s
standard, while retaining backward compatibility with the Cisco prestandard implementation.
•
Inline Power Consumption—This feature allows the network administrator to configure on a per-port basis the actual power requirements of
attached powered devices, overriding the classification settings of the powered device. It allows the customer to manage the power budget of a
Cisco Catalyst 3750 and Catalyst switch, down to the individual port level. Many default Class 0 powered devices require much less than the
full 15.4W of power that is associated with Class 0. This feature, therefore, helps extend the Power over Ethernet (PoE) power budget. Caution:
Misconfiguring this feature may cause damage to the switch and void your warranty. Take precaution not to oversubscribe the power supply.
Cisco Catalyst 3750 and Catalyst switch, down to the individual port level. Many default Class 0 powered devices require much less than the
full 15.4W of power that is associated with Class 0. This feature, therefore, helps extend the Power over Ethernet (PoE) power budget. Caution:
Misconfiguring this feature may cause damage to the switch and void your warranty. Take precaution not to oversubscribe the power supply.
•
Configuration Logging—This configuration option sends a syslog message for every configuration change made to the switch for tracking and
auditing purposes.
•
Unique Device Identifier (UDI)—With UDI, customers can uniquely identify and track Cisco products through their business and network
operations. The UDI provides a hardware product identification standard that is consistent across Cisco products, giving Cisco customers the
ability to automate their asset-management systems. In addition, UDI offers end-to-end product-identification data integrity, providing a
consistent electronic, physical, and associated business-to-business information product-identification standard.
ability to automate their asset-management systems. In addition, UDI offers end-to-end product-identification data integrity, providing a
consistent electronic, physical, and associated business-to-business information product-identification standard.
•
Standard 802.1x with Wake on LAN—This feature allows transmission of frames from an unauthenticated port to the connected end station,
blocking only inbound traffic until authentication completes. Customers deploying IEEE 802.1X port authentication and also using remote
desktop-management systems can use this feature to “wake up” PCs and perform maintenance, even if a user is not currently logged in or the
PC is down.
desktop-management systems can use this feature to “wake up” PCs and perform maintenance, even if a user is not currently logged in or the
PC is down.
•
Secure Copy Protocol (SCP)—SCP allows a user with appropriate authorization to copy any file that exists in the Cisco IOS Software File
System to and from a switch by using the copy command. This protocol uses the Secure Shell (SSH) Protocol as a transport mechanism for