Cisco announces Cisco IOS® Software updates for Cisco Catalyst® 3750-E, 3750, 3560-E, 3560, 2975, and 2960 Series Switches, Cisco Catalyst 3750V2 and 3560V2 Switches; Cisco® Industrial Ethernet (IE) 3000 Series Switches; and Cisco Catalyst Blade Switch 3000 and 3100 platforms. This release introduces the Cisco Smart Install technology, expands the reach of the Cisco EnergyWise and Auto SmartPorts technologies, and adds several enhancements for identity-based networking services, manageability, and security.
• Ease of use and manageability enhancements: This release incorporates critical manageability technologies such as Auto SmartPorts enhancements and Smart Install, which are meant to reduce time of deployment and deployment costs in heterogeneous switch and endpoint device environments. In particular, Smart Install introduces the capability of plug-and-play switch deployment and configuration, while the Auto SmartPorts enhancements allow the network infrastructure to be autoprovisioned when connected to video devices such as Cisco Digital Media Players and Cisco Video Surveillance IP Cameras. These enhancements are discussed in more detail in the "Ease-of-Use and Manageability Enhancements" section of this document.
• Medianet enhancements: The Cisco medianet enables intelligent services in the network infrastructure for a wide variety of video applications. One medianet service is switch-port autoprovisioning for video endpoints including Cisco Digital Media Players and Cisco Video Surveillance IP Cameras through Auto SmartPorts.
• Identity-based networking: This release enhances Cisco Identity-Based Networking Services (IBNS) with several important additions to improve mobility and manageability and to increase scalability and flexibility in certain configurations. The release also expands the integration of Cisco IBNS with other technologies, such as Cisco IOS Embedded Event Manager (EEM) and Auto SmartPorts. The Cisco IBNS enhancements are discussed in more detail in the "Identity Enhancements" section.
• Cisco EnergyWise enhancements: Cisco EnergyWise Phase 2 includes advanced security and a new infrastructure for partners to embed Cisco EnergyWise in endpoint devices.
• IP Version 6 (IPv6) quality of service (QoS): This release adds support for the IPv6 QoS trust capability on the Cisco Catalyst 3750 and 3560 Series Switches, 3750V2 and 3560V2 switches, and Cisco Catalyst Blade Switch 3000 platform. It also adds full QoS support for IPv6 traffic on the Cisco Catalyst 3750E and 3560E Series Switches and Cisco Catalyst Blade Switch 3100 platform.
• Link Layer Discovery Protocol (LLDP) based power assignment: Enhanced support for LLDP media endpoint devices (MEDs) allows the switch to grant power to the power device based on the device's power policy type-length-value (TLV) request.
• Triple Data Encryption Standard (3DES) and Advanced Encryption Standard (AES) support with Simple Network Management Protocol Version 3 (SNMPv3): This release adds support for the 168-bit 3DES and the 128-bit, 192-bit, and 256-bit AES encryption algorithms to SNMPv3.
• IP source guard (IPSG) for static hosts: IP source guard for static hosts extends the IP source guard capability to environments with statically configured hosts (environments that are not Dynamic Host Configuration Protocol [DHCP] based).
• DHCP snooping ASCII circuit ID: This DHCP snooping enhancement supports the selection of a fixed-string format for the circuit ID suboption of the Option 82 DHCP field.
• Dense Wavelength-Division Multiplexing (DWDM) X2 support: This release supports 32 10 Gigabit Ethernet DWDM X2 optical modules on the Cisco Catalyst 3750-E and 3560-E Series.
• Qualification of eight additional DWDM SFP modules: This release adds support for eight additional DWDM SFP optical modules (Table 1).
Table 1. Additional DWDM SFP Modules
• Support for the Cisco TwinGig Converter Module (model CVR-X2-SFP) on the Cisco Catalyst Blade Switch 3100 platform.
• Industrial premium Cisco IOS Packaging for the Cisco IE 3000 Series: This release introduces the availability on the Cisco IE 3000 Series of the IP services image, which includes support for Layer 3 routing protocols and advanced features.
• Common Industrial Protocol (CIP) enhancement: This enhancement adds the capability to configure DHCP parameters using CIP.
• PROFINET IO: PROFINET IO is the communication framework for distributed applications in the automation industry. This release adds a PROFINET IO stack to the Cisco IE 3000 Series.
Ease-of-Use and Manageability Enhancements
• Smart Install: Smart Install enables plug-and-play configuration and image distribution from a single point of management (director) in the network and therefore can reduce total cost of ownership (TCO) and operational expenses for the customer (Figure 1). It supports:
– Switch autoprovisioning; a director switch can help ensure that switches that cannot use Smart Install are upgraded appropriately
– Zero-touch image and configuration upgrades of newly deployed switches
– Single point of configuration for the entire network that uses Smart Install
Figure 1. Smart Install
• Auto SmartPorts enhancements with video extensions: The new Auto SmartPorts capabilities introduced in this release are:
– Macro persistency
– LLDP-based triggers
– MAC-address-based and organizational unique identifier (OUI) based triggers
– Remote macros
– Automatic configuration based on the following two new device types: Cisco Digital Media Players and Cisco Video Surveillance IP Cameras (Figure 2)
Figure 2. Auto SmartPorts
• VLAN Trunking Protocol Version 3 (VTPv3): Version 3 of the protocol includes support for configuring extended-range VLANs (VLANs 1006 to 4094) in any VTP mode, enhanced authentication (hidden or secret passwords), propagation of Multiple Spanning Tree Protocol (MSTP) and private VLANs database information, VTP primary and secondary servers, and the option to turn VTP on or off per port.
• Cisco IOS EEM 3.2: Cisco IOS EEM 3.2 introduces event detectors related to neighbor discovery, identity, and the MAC address table.
• DHCP option 12 for hostname configuration: If a switch receives DHCP option 12 as part of the DHCP message interaction while acquiring an IP address for an interface, then the hostname is set based on that option.
• LLDP MED MIB: This MIB provides manageability for the LLDP MED information.
• MAC move: MAC move allows hosts (including hosts connected behind phones) to move across ports within the same switch without any restrictions, enabling mobility. With MAC move, the switch treats the reappearance of the same MAC address on another port in the same way as a completely new MAC address.
• RADIUS change of authorization (CoA): RADIUS CoA provides a mechanism for changing the attributes of a session after it has been authenticated. When a change in authentication, authorization, and accounting (AAA) policy occurs for a user or user group, administrators can send the RADIUS CoA packets from the AAA server, such as the Cisco Secure Access Control Server (ACS), to reinitialize authentication and apply the new policies.
• IEEE 802.1x User Distribution: Deployments with multiple VLANs (for a group of users) can improve scalability of the network by load balancing users across different VLANs. Authorized users are assigned by the RADIUS server to the least populated VLAN in the group.
• Common session ID syslog integration: Identity-related syslog messages contain the session ID, which is used across the switches and the Cisco Secure ACS, aiding in troubleshooting and debugging.
• VLAN ID-based MAC authentication: VLAN ID-based MAC authentication uses the combined VLAN and MAC address information for user authentication to prevent network access from unauthorized VLANs.
• Critical VLAN with multi-auth: When a port is configured for multi-auth and an AAA server becomes unreachable, the port will be placed in a critical VLAN to still permit access to critical resources.
• CISCO-ADMISSION-POLICY-MIB support: This MIB provides session-based information about authenticated users and hosts.
• Customizable web authentication: This enhancement allows the creation of user-defined login, success, failure, and expiry web pages for local web authentication.
Product Support for New Features and Enhancements
Table 2. New Features in Cisco IOS Software Release 12.2(52)SE for the Cisco Catalyst 3750, 3750-E, 3560, and 3560-E Series and Cisco Catalyst 3750V2 and 3560V2 Switches
Table 3. New Features in Cisco IOS Software Release 12.2(52)SE for the Cisco Catalyst 2960 and 2975 Series, Cisco IE 3000 Series, and Cisco Catalyst Blade Switch 3000 and 3100 Platforms
Part Numbers for Supported Products
Table 4. Part Numbers for Cisco Catalyst Switches Software Licenses Supported by Cisco IOS Software Release 12.2(52)SE
• Cisco IOS Software upgrade planner: http://www.cisco.com/cgi-bin/Software/Iosplanner/Planner-tool/iosplanner.cgi?majorRel=
• Guest-level access planner: http://www.cisco.com/kobayashi/sw-center/index.shtml
• Cisco Catalyst 3750-E Series Switches: http://www.cisco.com/go/3750-E
• Cisco Catalyst 3750 Series Switches: http://www.cisco.com/go/catalyst3750
• Cisco Catalyst 3560-E Series Switches: http://www.cisco.com/go/3560-E
• Cisco Catalyst 3560 Series Switches: http://www.cisco.com/go/catalyst3560
• Cisco Catalyst 2960 Series Switches: http://www.cisco.com/go/catalyst2960
• Cisco Catalyst 2975 Series Switches: http://www.cisco.com/go/2975
• Cisco Catalyst 3750-E, 3560-E, 3750, 3560, 2975, and 2960 Series release notes:
– Cisco Catalyst Blade Switches: http://www.cisco.com/en/US/products/ps6748/index.html
– Cisco IE 3000 Series Switches: http://www.cisco.com/en/US/products/ps9703/index.html
Software Image Migration Guide
Figure 3. Cisco IOS Software 12.2 Release Train