Cisco Systems 2960 Manuale Utente
1-13
Catalyst 2960 and 2960-S Switch Software Configuration Guide
OL-8603-09
Chapter 1 Overview
Features
•
Support for critical VLAN with multiple-host authentication so that when a port is configured for
multi-auth, and an AAA server becomes unreachable, the port is placed in a critical VLAN in order
to still permit access to critical resources.
multi-auth, and an AAA server becomes unreachable, the port is placed in a critical VLAN in order
to still permit access to critical resources.
•
Customizable web authentication enhancement to allow the creation of user-defined login, success,
failure and expire web pages for local web authentication.
failure and expire web pages for local web authentication.
•
Support for Network Edge Access Topology (NEAT) to change the port host mode and to apply a
standard port configuration on the authenticator switch port.
standard port configuration on the authenticator switch port.
•
VLAN-ID based MAC authentication to use the combined VLAN and MAC address information for
user authentication to prevent network access from unauthorized VLANs.
user authentication to prevent network access from unauthorized VLANs.
•
MAC move to allow hosts (including the hosts connected behind an IP phone) to move across ports
within the same switch without any restrictions to enable mobility. With MAC move, the switch
treats the reappearance of the same MAC address on another port in the same way as a completely
new MAC address.
within the same switch without any restrictions to enable mobility. With MAC move, the switch
treats the reappearance of the same MAC address on another port in the same way as a completely
new MAC address.
•
Support for 3DES and AES with version 3 of the Simple Network Management Protocol (SNMPv3).
This release adds support for the 168-bit Triple Data Encryption Standard (3DES) and the 128-bit,
192-bit, and 256-bit Advanced Encryption Standard (AES) encryption algorithms to SNMPv3.
This release adds support for the 168-bit Triple Data Encryption Standard (3DES) and the 128-bit,
192-bit, and 256-bit Advanced Encryption Standard (AES) encryption algorithms to SNMPv3.
QoS and CoS Features
•
Automatic QoS (auto-QoS) to simplify the deployment of existing QoS features by classifying
traffic and configuring egress queues
traffic and configuring egress queues
Note
To use auto-QoS, the switch must be running the LAN Base image.
•
Classification
–
IP type-of-service/Differentiated Services Code Point (IP ToS/DSCP) and IEEE 802.1p CoS
marking priorities on a per-port basis for protecting the performance of mission-critical
applications
marking priorities on a per-port basis for protecting the performance of mission-critical
applications
Note
To use DSCP, the switch must be running the LAN Base image.
–
IP ToS/DSCP and IEEE 802.1p CoS marking based on flow-based packet classification
(classification based on information in the MAC, IP, and TCP/UDP headers) for
high-performance quality of service at the network edge, allowing for differentiated service
levels for different types of network traffic and for prioritizing mission-critical traffic in the
network
(classification based on information in the MAC, IP, and TCP/UDP headers) for
high-performance quality of service at the network edge, allowing for differentiated service
levels for different types of network traffic and for prioritizing mission-critical traffic in the
network
Note
To use flow-based packet classification, the switch must be running the LAN Base image.
–
Trusted port states (CoS, DSCP, and IP precedence) within a QoS domain and with a port
bordering another QoS domain
bordering another QoS domain
–
Trusted boundary for detecting the presence of a Cisco IP Phone, trusting the CoS value
received, and ensuring port security
received, and ensuring port security