Figure 1. Cisco Catalyst Blade Switch 3032 for Dell M1000e
• 16 internal 1000BASE ports connected to servers through the Dell M1000e backplane
• Up to 8 Gigabit Ethernet uplink ports: 4 10/100/1000BASE-T ports and 4 Small Form-Factor Pluggable (SFP) Gigabit Ethernet ports (using Cisco TwinGig Converter Modules in the X2 slots)
• One external console port
Features and Benefits
Intelligence in the Server Access Network
• Secure, to protect confidential information
• Highly available, to meet on time-critical needs
• Capable of differentiating and controlling traffic flows to handle the increasing number of critical business applications
• Easily manageable, to reduce operational expenses
Basic IP Routing
Table 1. Features and Benefits
Features and Benefits
Ease of use and ease of deployment
• Integration with the chassis management controller (CMC) in the Dell PowerEdge M1000e enclosure enables customers to configure IP address and access the console.
• Cisco Device Manager simplifies initial configuration using a Web browser.
• DHCP autoconfiguration of multiple switches through a boot server eases switch deployment.
• Autosensing detects the speed of the upstream switch and automatically configures each 10/100/1000 uplink port for 10-, 100-, or 1000-Mbps operation, easing switch deployment in mixed 10, 100, and 1000BASE-T environments.
• Autonegotiation on 10/100/1000 ports automatically selects half- or full-duplex transmission mode to optimize bandwidth.
• Dynamic Trunking Protocol (DTP) enables dynamic trunk configuration across all switch ports.
• Port Aggregation Protocol (PAgP) automates the creation of Cisco Fast EtherChannel ® groups or Gigabit EtherChannel groups to link to the upstream switch or router or server blades.
• Link Aggregation Control Protocol (LACP) allows the creation of Ethernet channeling with upstream switches that conform to IEEE 802.3ad. This feature is similar to Cisco EtherChannel technology and PAgP.
• Auto-media-dependent interface crossover (MDIX) automatically adjusts transmit and receive pairs if an incorrect cable type (crossover or straight-through) is installed on a copper 10/100/1000BASE-T port.
• Combo ports support an auto-media detect feature. No special configuration is required if a copper interface is used instead of the SFP.
• DHCP Relay allows a DHCP relay agent to broadcast DHCP requests to the network DHCP server.
• The default configuration stored in flash memory helps ensure that the switch can be quickly connected to the network and can pass traffic with minimal user intervention.
Availability and Scalability
Superior redundancy for fault backup
• IEEE 802.1D Spanning Tree Protocol support for redundant backbone connections and loop-free networks simplifies network configuration and improves fault tolerance.
• Cisco UplinkFast and BackboneFast technologies help ensure quick failover recovery, enhancing overall network stability and reliability.
• Per-VLAN Rapid Spanning Tree (PVRST+) allows rapid spanning-tree convergence on a per-VLAN spanning-tree basis, without requiring the implementation of spanning-tree instances.
• PVST+ allows Layer 2 load sharing on redundant links to efficiently use the extra capacity inherent in a redundant design.
• IEEE 802.1s Multiple Spanning Tree Protocol (MSTP) allows a spanning-tree instance per VLAN and enables each VLAN to use a different uplink, allowing better utilization of uplinks.
• IEEE 802.1w Rapid Spanning Tree Protocol (RSTP) provides rapid spanning-tree convergence independent of spanning-tree timers.
• Unidirectional Link Detection (UDLD) and Aggressive UDLD allow unidirectional links to be detected and disabled to avoid problems such as spanning-tree loops.
• VLAN1 minimization allows VLAN1 to be disabled on any individual VLAN trunk link.
• VLAN Trunking Protocol (VTP) pruning limits bandwidth consumption on VTP trunks by flooding broadcast traffic only on trunk links required to reach the destination devices.
• The Trunk Failover feature allows rapid failover to the redundant switch in the blade enclosure if all uplinks from the primary switch fail. When the uplinks fail, the switch shuts down the ports connected to the blade servers and lets network interface card (NIC) teaming software direct traffic to the redundant switch. This feature is also known as Link State Tracking.
• Switch port autorecovery (errdisable) automatically attempts to reenable a link that is disabled because of a network error.
• Power and cooling resiliency are provided through redundant power and cooling capabilities from the blade enclosure.
• Bandwidth aggregation of up to 6 Gbps through Gigabit EtherChannel technology enhances fault tolerance and offers higher-speed aggregated bandwidth between this integrated switch and upstream switches and routers.
• Per-port broadcast, multicast, and unicast storm control prevents faulty servers from degrading overall system performance.
• Internet Group Management Protocol (IGMP) snooping provides fast client joins and leaves of multicast streams and limits bandwidth-intensive video traffic to only the requestors.
• Multicast VLAN Registration (MVR) continuously sends multicast streams in a multicast VLAN while isolating the streams from subscriber VLANs for bandwidth and security reasons.
• Wire-rate performance enables highly granular QoS functions (for example, granular rate limiting).
• Asynchronous data flows upstream and downstream from the end station or on an uplink are easily managed using ingress policing and egress shaping.
• IEE 802.1p CoS and DSCP field classification are provided, using marking and reclassification on a per-packet basis by source and destination IP address, source and destination MAC address, or Layer 4 TCP or UDP port number.
• Rate limiting is provided based on source and destination IP address, source and destination MAC address, Layer 4 TCP or UDP information, or any combination of these fields, using QoS ACLs (IP ACLs or MAC ACLs), class maps, and policy maps.
• Up to 64 aggregate or individual policers per port are allowed.
• Cisco control plane and data plane QoS ACLs on all ports help ensure proper marking on a per-packet basis.
• 4 egress queues per port enable differentiated management of up to 4 traffic flows.
• SRR scheduling helps ensure differential prioritization of packet flows by intelligently servicing the egress queues.
• Weighted Tail Drop (WTD) provides congestion avoidance at the ingress and egress queues before a disruption occurs.
• Strict priority queuing guarantees that the highest-priority packets are serviced ahead of all other traffic.
• The Cisco Committed Information Rate (CIR) function guarantees bandwidth in increments as low as 8 Kbps.
Networkwide security features
• IEEE 802.1x allows dynamic, port-based security, providing server authentication.
• IEEE 802.1x with VLAN assignment allows a dynamic VLAN assignment for a specific server, regardless of where the server is connected.
• IEEE 802.1x and port security are provided to authenticate the port and manage network access for all MAC addresses, including those of the server.
• IEEE 802.1x with an ACL assignment allows specific identity-based security policies, regardless of where the server is connected.
• IEEE 802.1x with guest VLAN allows servers without IEEE 802.1x clients to have limited network access on the guest VLAN.
• Cisco security VLAN ACLs (VACLs) on all VLANs prevent unauthorized data flows from being bridged within VLANs.
• Port-based ACLs (PACLs) allow security policies to be applied on individual switch ports.
• SSHv2, Kerberos, and SNMPv3 provide network security by encrypting administrator traffic during Telnet and SNMP sessions. SSH, Kerberos, and the cryptographic version of SNMPv3 require a special cryptographic software image because of U.S. export restrictions.
• Secure Sockets Layer (SSL) provides a secure means to use Web-based tools such as HTML-based device managers.
• Private VLAN Edge provides security and isolation between switch ports, helping ensure that users cannot snoop on other users' traffic.
• Bidirectional data support on the Switched Port Analyzer (SPAN) port allows the Cisco Secure Intrusion Detection System (IDS) [[PLS PROVIDE FULL PRODUCT NAME; NOT ON MDS]] to take action when an intruder is detected.
• TACACS+ and RADIUS authentication enables centralized control of the switch and restricts unauthorized users from altering the configuration.
• MAC address notification allows administrators to be notified of servers added to or removed from the network.
• Port security secures access to an access or trunk port based on the MAC address.
• After a specific time period, the Aging feature removes the MAC address from the switch to allow another server to connect to the same port.
• Multilevel security on console access prevents unauthorized users from altering the switch configuration.
• The user-selectable address-learning mode simplifies configuration and enhances security.
• BPDU Guard shuts down Spanning Tree Protocol PortFast-enabled interfaces when BPDUs are received to avoid accidental topology loops.
• Spanning Tree Root Guard (STRG) prevents edge devices not in the network administrator's control from becoming Spanning Tree Protocol root nodes.
• IGMP filtering provides multicast authentication by filtering out nonsubscribers and limits the number of concurrent multicast streams available per port.
• Dynamic VLAN assignment is supported through implementation of the VLAN Membership Policy Server (VMPS) client function to provide flexibility in assigning ports to VLANs. Dynamic VLAN enables the fast assignment of IP addresses.
• 1000 security access control entries are supported.
• Dynamic Address Resolution Protocol (ARP) Inspection (DAI) helps ensure user integrity by preventing malicious users from exploiting the insecure nature of ARP.
• DHCP Snooping prevents malicious users from spoofing a DHCP server and sending out bogus addresses. This feature is used by other primary security features to prevent a number of other attacks such as ARP poisoning.
• IP Source Guard prevents a malicious user from spoofing or taking over another user's IP address by creating a binding table between the client's IP and MAC address, port, and VLAN.
• Private VLANs restrict traffic between hosts in a common segment by segregating traffic at Layer 2, turning a broadcast segment into a nonbroadcast multi-access-like segment.
High-Performance Basic IP Routing
Cisco Express Forwarding hardware routing architecture delivers basic high-performance IP unicast routing. Protocols supported include:
• Static Routes
• Routing Information Protocol Version 1 (RIPv1) and RIPv2
• EIGRP Stub
• Cisco IOS Software CLI support provides a user interface and command set in common with all Cisco routers and Cisco Catalyst desktop switches.
• Cisco Service Assurance Agent (SAA) support facilitates service-level management throughout the LAN.
• VLAN trunks can be created from any port, using either standards-based IEEE 802.1Q tagging or the Cisco Inter-Switch Link (ISL) VLAN architecture.
• Up to 1005 VLANs per switch and up to 128 spanning-tree instances per switch are supported.
• 4096 VLAN IDs are supported.
• Cisco VTP supports dynamic VLANs and dynamic trunk configuration across all switches.
• IGMP snooping provides fast client joins and leaves of multicast streams and limits bandwidth-intensive video traffic to only the requestors.
• Remote SPAN (RSPAN) allows administrators to remotely monitor ports in a Layer 2 switch network from any other switch in the same network.
• For enhanced traffic management, monitoring, and analysis, the Embedded Remote Monitoring (RMON) software agent supports four RMON groups: history, statistics, alarms, and events.
• Layer 2 traceroute eases troubleshooting by identifying the physical path that a packet takes from source to destination.
• All four RMON groups are supported through a SPAN port, which permits traffic monitoring of a single port, a group of ports from a single network analyzer, or an RMON probe.
• The Domain Name System (DNS) provides IP address resolution with user-defined device names.
• Trivial File Transfer Protocol (TFTP) reduces the cost of administering software upgrades by enabling downloading from a centralized location.
• Network Time Protocol (NTP) provides an accurate and consistent timestamp for all intranet switches.
• Multifunction LEDs are provided per port to show port status, and switch-level status LEDs are provided for the system.
Cisco Device Manager
Cisco Device Manager simplifies initial configuration of a switch through a Web browser.
The Web interface enables less-skilled personnel to quickly and simply set up switches, thereby reducing the cost of deployment.
Cisco Network Assistant
A PC-based network management application designed for server administrators in small to medium-sized data centers, Cisco Network Assistant offers centralized network management and configuration capabilities. This application also features an intuitive GUI where users can easily apply common services across Cisco switches and routers, such as the following:
• Configuration management
• Troubleshooting advice
• Inventory reports
• Event notification
• Network security settings
• Password synchronization
• Drag-and-drop Cisco IOS Software upgrades
• Secure wireless
For detailed information about Cisco Network Assistant, visit http://www.cisco.com/go/cna.
• CiscoWorks network management software provides management capabilities on a per-port and per-switch basis, providing a common management interface for Cisco routers, switches, and hubs.
• SNMPv1, v2c, and v3 and Telnet interface support delivers comprehensive in-band management, and a CLI-based management console provides detailed out-of-band management.
• Cisco Discovery Protocol Versions 1 and 2 enable a CiscoWorks network management station for automatic switch discovery.
Table 2. Hardware Specifications
Table 3. Management and Standards Support
Table 4. Safety and Compliance
Service and Support
Table 5. Service and Support
Table 6. Ordering Information
For More Information
• United States and Canada: (toll free) 800 553-6387
• Europe: 32 2 778 4242
• Australia: 612 9935 4107
• Other: 408 526-7209