Cisco Systems 2955 User Manual

Cisco Systems, Inc.

Page 3 of 11

Cisco Catalyst 2955 Series switches deliver a comprehensive set of management tools to provide the required

visibility and control in the network. Managed with CiscoWorks, Cisco Catalyst switches can be configured and

managed to deliver end-to-end device, VLAN, traffic, and policy management. Coupled with CiscoWorks2000, Cisco

Resource Manager Essentials, a Web-based management tool, offers automated inventory collection, software

deployment, easy tracking of network changes, views into device availability, and quick isolation of error conditions.

Supported CiscoWorks applications include:

• Campus Manager

• CiscoView

• Resource Manager Essentials

• Device Fault Manager

Q. What software features are available on Cisco Catalyst 2955 Series switches?

A. The Cisco Catalyst 2955 Series software feature set delivers intelligent services, including advanced QoS with an

ability to map differentiated services code point (DSCP) to class of service (CoS) or vice versa; rate limiting based on

a wide range of access control parameters (ACPs) such as source/destination IP address, source/destination Media

Access Control (MAC) and TCP/User Datagram Protocol (UDP) port number; and sophisticated security through

filtering. In addition to Layers 3 and 4 lookups, the Cisco Catalyst 2955 Series offers ease of use and deployment

features such Dynamic Trunking Protocol (DTP), Port Aggregation Protocol (PAgP), dynamic virtual LANs

(VLANs), and VLAN Trunking Protocol (VTP) pruning. For a full range of software features supported by the

Cisco Catalyst 2955 Series, refer to the Cisco Catalyst 2955 Series data sheet at

The Cisco Catalyst 2955 delivers superior LAN-edge Layer 2 QoS (unmatched in its class of products in the industry)

and superior multicast management via Internet Group Management Protocol (IGMP) snooping in hardware. It also

delivers wire-speed performance and all traditional wiring closet features, including a Web management interface,

Network Timing Protocol (NTP), port-based VLANs, Fast EtherChannel

and Gigabit EtherChannel technologies,

802.1Q VLAN tagging support, VTP, UplinkFast, Per VLAN Spanning Tree Plus (PVST+), Terminal Access

Controller Access Control System (TACACS+), and RADIUS .

Q. What are the highlights of the security features available on Cisco Catalyst 2955 Series switches?

A. The Cisco Catalyst 2955 offers enhanced data security through numerous security features. These features

allow customers to secure network management traffic by encrypting passwords and configuration information;

provide options for network security based on users, ports, or MAC addresses; and restrict access to sensitive areas

of the network.

Port-based ACPs restrict sensitive portions of the network by denying packets based on source and destination MAC

addresses, IP addresses, or TCP/UDP ports. ACP lookups are done in hardware; therefore, forwarding performance

is not compromised when implementing this type of security in the network.

Port security provides another means to ensure that appropriate users are on the network, by limiting access based

on MAC addresses. For authentication of users with a RADIUS server, 802.1x provides port-level security. 802.1x

extensions include 802.1x with port security on a per-port basis, 802.1x with voice VLAN, and 802.1x with VLAN

assignment.