The Cisco Catalyst® 3550 Series Intelligent Ethernet Switches are a line of enterprise-class, stackable, multilayer switches that provide high availability, security and quality of service (QoS) to enhance the operation of the network. With a range of Fast Ethernet and Gigabit Ethernet configurations, the Catalyst 3550 Series can serve as both a powerful access layer switch for medium enterprise wiring closets and as a backbone switch for small networks. Customers can deploy network-wide intelligent services, such as advanced QoS, rate-limiting, Cisco security access control lists, multicast management, and high-performance IP routing, while maintaining the simplicity of traditional local area network (LAN) switching. Embedded in the Catalyst 3550 Series is the Cisco Cluster Management Suite (CMS) Software, which allows users to simultaneously configure and troubleshoot multiple Catalyst desktop switches using a standard Web browser. Cisco CMS Software provides new configuration wizards that greatly simplify the implementation of converged networks and intelligent network services.
The Catalyst 3550-24 PWR switch can provide a lower total cost of ownership for deployments that incorporate Cisco IP phones and/or Cisco Aironet wireless LAN access points. With up to 15 Watts of integrated inline power on every 10/100 port, the switch provides maximum device support and eases new technology deployments by eliminating the need for wall power to each IP phone or wireless LAN access point. Additionally, delivering power via the Catalyst 3550-24 PWR switch eliminates the cost for additional electrical cabling that would otherwise be necessary in wireless LAN and IP phone deployments. Maximum power availability for a converged voice and data network is attainable when a Catalyst 3550 Switch is combined with the Cisco Redundant Power System 675 (RPS 675) for seamless protection against internal power supply failures and an uninterruptible power supply (UPS) system to safeguard against power outages.
The Cisco Catalyst 3550 Series Intelligent Ethernet Switches include the following configurations:
• Catalyst 3550-24 Switch: 24 10/100 ports and two Gigabit Interface Converter (GBIC)-based Gigabit Ethernet ports; 1 rack unit (RU)
• Catalyst 3550-24 PWR Switch: 24 10/100 ports with integrated inline power and two GBIC-based Gigabit Ethernet ports; 1 RU
• Catalyst 3550-24-DC Switch: 24 10/100 ports and two GBIC-based Gigabit Ethernet ports; 1 RU; DC-powered
• Catalyst 3550-24-FX Switch: 24 100FX ports and two GBIC-based Gigabit Ethernet ports; 1 RU
• Catalyst 3550-48 Switch: 48 10/100 ports and two GBIC-based Gigabit Ethernet ports; 1 RU
• Catalyst 3550-12G Switch: 10 GBIC-based Gigabit Ethernet ports and two 10/100/1000BASE-T ports; 1.5 RU
• Catalyst 3550-12T Switch: 10 10/100/1000BASE-T ports and two GBIC-based Gigabit Ethernet ports; 1.5 RU
The built-in Gigabit Ethernet ports accommodate a range of GBIC transceivers, including the Cisco GigaStack® GBIC, 1000BASE-T, 1000BASE-SX, 1000BASE-LX/LH, 1000BASE-ZX and CWDM GBICs. The dual GBIC-based Gigabit Ethernet implementation on the Fast Ethernet configurations provides customers tremendous deployment flexibility, allowing them to implement one type of stacking and uplink configuration today while preserving the option to migrate that configuration in the future. High levels of stack resiliency can also be implemented by deploying dual redundant Gigabit Ethernet uplinks, a redundant GigaStack GBIC loopback cable, UplinkFast and CrossStack UplinkFast technologies for high-speed uplink and stack interconnection failover, and Per VLAN Spanning Tree Plus (PVST+) for uplink load balancing. This Gigabit Ethernet flexibility makes the Catalyst 3550 switches an ideal LAN edge complement to the Cisco Catalyst 6500 family of Gigabit Ethernet optimized core LAN switches.
Included with the Catalyst 3550-24, 3550-24 PWR, 3550-24-DC, 3550-24-FX and 3550-48 is either the Standard Multilayer Software Image (SMI) or the Enhanced Multilayer Software Image (EMI). The SMI feature set includes advanced QoS, rate-limiting, access control lists (ACLs), and basic static and Routing Information Protocol (RIP) routing functionality. The EMI provides a richer set of enterprise-class features including advanced hardware-based IP unicast and multicast routing and the Web Cache Communication Protocol (WCCP). After initial deployment, the EMI Upgrade Kit gives users the flexibility to upgrade to the EMI. The Catalyst 3550-12T and 3550-12G are only available with the EMI.
Figure 1. Catalyst 3550 Series Switches
INTELLIGENCE IN THE NETWORK
Networks of today are evolving to address four new developments at the network edge:
• Increase in desktop computing power
• Introduction of bandwidth-intensive applications
• Expansion of highly sensitive data on the network
• Presence of multiple device types, such as IP phones and wireless LAN access points
These new demands are contending for resources with many existing mission-critical applications. As a result, IT professionals must view the edge of the network as critical to effectively manage the delivery of information and applications.
As companies increasingly rely on networks as the strategic business infrastructure, it is more important than ever to ensure their high availability, security, scalability and control. By adding Cisco intelligent functionality to the wiring closet, customers can now deploy network-wide intelligent services that address these requirements in a consistent way from the desktop to the core and through the WAN.
With Cisco Catalyst Intelligent Ethernet switches, Cisco enables companies to realize the full benefits of adding intelligent services into their networks. Deploying capabilities that make the network infrastructure highly available to accommodate time-critical needs, scalable to accommodate growth, secure enough to protect confidential information, and capable of differentiating and controlling traffic flows are key to further optimizing network operations.
NETWORK CONTROL THROUGH ADVANCED QUALITY OF SERVICE AND RATE LIMITING
The Cisco Catalyst 3550 offers superior Layer 3 granular QoS features to ensure that network traffic is classified and prioritized, and that congestion is avoided in the best possible manner. Configuration of QoS is greatly simplified through automatic QoS (Auto QoS), a feature that detects Cisco IP phones and automatically configures the switch for the appropriate classification and egress queuing. This optimizes traffic prioritization and network availability without the challenge of a complex configuration.
The Catalyst 3550 can classify, reclassify, police, and mark the incoming packets before the packet is placed in the shared buffer. Packet classification allows the network elements to discriminate between various traffic flows and enforce policies based on Layer 2 and Layer 3 QoS fields.
To implement QoS, the Catalyst 3550 switches first identify traffic flows, or packet groups, and classify or reclassify these groups using the Differentiated Services Code Point (DSCP) field and/or the 802.1p class of service (CoS) field. Classification and reclassification can be based on criteria as specific as the source/destination IP address, source/destination Media Access Control (MAC) address or the Layer 4 Transmission Control Protocol (TCP)/User Datagram Protocol (UDP) port. At the ingress, the Catalyst 3550 will also perform policing and marking of the packet. Control plane and data plane ACLs are supported on all ports to ensure proper policing and marking on a per packet basis.
After the packet goes through classification, policing, and marking, it is then assigned to the appropriate queue before exiting the switch. The Catalyst 3550 supports four egress queues per port, which allows the network administrator to be more discriminating and specific in assigning priorities for the various applications on the LAN. At egress, the switch performs scheduling and congestion control. Scheduling is an algorithm/process that determines the order in which the queues are processed. The switches support Weighted Round Robin (WRR) scheduling and strict priority queuing. The WRR queuing algorithm ensures that the lower priority packets are not entirely starved for bandwidth and are serviced without compromising the priority settings administered by the network manager. Strict priority queuing ensures that the highest priority packets will always get serviced first, ahead of all other traffic, and allows the other three queues to be serviced using WRR scheduling. In conjunction with scheduling, the Catalyst 3550 Gigabit Ethernet ports support congestion control via Weighted Random Early Detection (WRED). WRED avoids congestion by setting thresholds at which packets are dropped before congestion occurs.
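The interaction between strict priority queuing and WRR described above can be seen in a small simulation. This is an added example, a simplified model and not Cisco's implementation; the queue numbers, weights, one-packet-per-slot timing and the packet arrivals are constructed assumptions.

```python
from collections import deque


class EgressPort:
    """Simplified model of one egress port: WRR queues plus an optional
    strict-priority queue (hypothetical model, not Cisco code)."""

    def __init__(self, wrr_weights, priority_queue=None):
        if any(w < 1 for w in wrr_weights.values()):
            raise ValueError("WRR weights must be >= 1")
        if priority_queue in wrr_weights:
            raise ValueError("priority queue must not also have a WRR weight")
        self.weights = dict(wrr_weights)      # queue id -> packets per WRR round
        self.priority_queue = priority_queue
        self.wrr_order = sorted(self.weights)
        self.queues = {q: deque() for q in self.wrr_order}
        if priority_queue is not None:
            self.queues[priority_queue] = deque()
        self.credits = dict(self.weights)     # remaining sends in this round

    def enqueue(self, queue_id, packet):
        self.queues[queue_id].append(packet)

    def dequeue(self):
        """Pick the next packet to transmit, or None if the port is idle."""
        pq = self.priority_queue
        # Strict priority: a backlogged priority queue always goes first.
        if pq is not None and self.queues[pq]:
            return pq, self.queues[pq].popleft()
        backlogged = [q for q in self.wrr_order if self.queues[q]]
        if not backlogged:
            return None
        # Start a new WRR round once every backlogged queue has used its share.
        if not any(self.credits[q] > 0 for q in backlogged):
            self.credits = dict(self.weights)
        for q in backlogged:
            if self.credits[q] > 0:
                self.credits[q] -= 1
                return q, self.queues[q].popleft()


def simulate(port, arrivals, slots):
    """Run `slots` time slots; one packet leaves the port per slot.
    Returns a list of (slot_sent, queue_id, name, queuing_delay)."""
    sent = []
    for slot in range(slots):
        for queue_id, name in arrivals.get(slot, []):
            port.enqueue(queue_id, (name, slot))
        picked = port.dequeue()
        if picked is not None:
            queue_id, (name, arrived) = picked
            sent.append((slot, queue_id, name, slot - arrived))
    return sent


def max_delay(log, queue_id):
    """Worst queuing delay (in slots) seen by packets of one queue."""
    return max(d for (_, q, _, d) in log if q == queue_id)


# Constructed sample traffic: bulk data bursts on queues 1-3 at slot 0,
# voice packets (v0..v2) trickling into queue 4.
ARRIVALS = {
    0: [(1, "a0"), (1, "a1")]
       + [(2, f"b{i}") for i in range(4)]
       + [(3, f"c{i}") for i in range(6)]
       + [(4, "v0")],
    2: [(4, "v1")],
    5: [(4, "v2")],
}

if __name__ == "__main__":
    strict = simulate(EgressPort({1: 1, 2: 2, 3: 3}, priority_queue=4), ARRIVALS, 15)
    wrr_only = simulate(EgressPort({1: 1, 2: 2, 3: 3, 4: 4}), ARRIVALS, 15)
    print("strict priority + WRR:", [name for _, _, name, _ in strict])
    print("WRR on all four      :", [name for _, _, name, _ in wrr_only])
    print("worst voice delay    :", max_delay(strict, 4), "vs", max_delay(wrr_only, 4))
```

In both runs every data packet is eventually transmitted, so the low-weight queues are not starved; only the voice queue's delay changes between the two configurations.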
These features allow network administrators to prioritize mission-critical and/or bandwidth-intensive traffic, such as Enterprise Resource Planning (ERP) (Oracle, SAP, etc.), voice (IP telephony traffic) and CAD/CAM over less time-sensitive applications such as FTP or e-mail (Simple Mail Transfer Protocol [SMTP]). For example, it would be highly undesirable to have a large file download destined to one port on a wiring closet switch and have quality implications such as increased latency in voice traffic, destined to another port on this switch. This condition is avoided by ensuring that voice traffic is properly classified and prioritized throughout the network. Other applications, such as Web browsing, can be treated as low priority and handled on a best-efforts basis.
The Cisco Catalyst 3550 is capable of performing rate limiting via its support of the Cisco Committed Information Rate (CIR) functionality. Through CIR, bandwidth can be guaranteed in increments as low as 8 Kbps. Bandwidth can be allocated based on several criteria including MAC source address, MAC destination address, IP source address, IP destination address, and TCP/UDP port number. Bandwidth allocation is essential in network environments requiring service-level agreements or when it is necessary for the network manager to control the bandwidth given to certain users. Each Catalyst 3550 switch 10/100 port supports 8 aggregate or individual ingress policers and 8 aggregate egress policers. Each Catalyst 3550 Gigabit Ethernet port supports 128 aggregate or individual policers and 8 aggregate egress policers. This gives the network administrator very granular control of the LAN bandwidth.
NETWORK SCALABILITY THROUGH HIGH-PERFORMANCE IP ROUTING
With hardware-based IP routing and the Enhanced Multilayer Software Image, the Catalyst 3550 switches deliver high performance dynamic IP routing. The Cisco Express Forwarding (CEF)-based routing architecture allows for increased scalability and performance. This architecture allows for very high-speed lookups while also ensuring the stability and scalability necessary to meet the needs of future requirements. In addition to dynamic IP unicast routing, the Catalyst 3550 Series is perfectly equipped for networks requiring multicast support. Multicast routing protocol (PIM) and Internet Group Management Protocol (IGMP) snooping in hardware make the Catalyst 3550 Series switches ideal for intensive multicast environments.
These switches offer several advantages to improve network performance when used as a stackable wiring closet switch or as a top-of-the-stack wiring closet aggregator switch. For example, implementing routed uplinks from the top of the stack will improve network availability by enabling faster failover protection and simplifying the Spanning-Tree Protocol algorithm by terminating all Spanning-Tree Protocol instances at the aggregator switch. If one of the uplinks fails, quicker failover to the redundant uplink can be achieved via a scalable routing protocol such as Open Shortest Path First (OSPF) or Enhanced Interior Gateway Routing Protocol (EIGRP) rather than relying on standard Spanning-Tree Protocol convergence. Redirection of a packet after a link failure via a routing protocol results in faster failover than a solution that uses Layer 2 Spanning Tree enhancements. Additionally, routed uplinks allow better bandwidth utilization by implementing equal cost routing (ECR) on the uplinks to perform load balancing. This results in dynamic load balancing in a part of the network that often acts as the bottleneck. And, routed uplinks optimize the utility of uplinks out of the wiring closet by eliminating unnecessary broadcast data flows into the network backbone.
The Catalyst 3550 also offers dramatic bandwidth savings as a stackable wiring closet switch in a multicast environment. Using routed uplinks to the network core will eliminate the requirement to transmit multiple streams of the same multicast from the upstream content servers to the wiring closet. For example, if three users are assigned to three separate virtual LANs (VLANs) and they all want to view multicast ABC, then three streams of multicast ABC are required to be transmitted from the upstream router to the wiring closet switch, assuming the wiring closet switch is not capable of routed uplinks. Deploying IP routing to the core with Catalyst 3550 switches allows users to create a scalable, multicast-rich network.
NETWORK SECURITY THROUGH ENHANCED SECURITY FEATURES
The Cisco Catalyst 3550 Series switches offer enhanced data security through a wide range of security features that protect network management and administrative traffic, secure the network from unauthorized users, provide granular levels of network access to users, and track where users are located.
Secure Shell (SSH), Kerberos, and Simple Network Management Protocol version 3 (SNMPv3) encrypt administrative and network management information, thereby protecting it from tampering or eavesdropping. Terminal Access Controller Access Control System (TACACS+) or Remote Authentication Dial-In User Service (RADIUS) authentication enables centralized access control of switches and restricts unauthorized users from altering the configurations. Alternatively, a local username and password database can be configured on the switch itself. Fifteen levels of authorization on the switch console and two levels on the web-based management interface provide the ability to give different levels of configuration capabilities to different administrators.
Port security and 802.1x provide the ability to keep unauthorized users from accessing the network. Port security limits access on an Ethernet port based on the MAC address of the device that is connected to it. It can also be used to limit the total number of devices plugged into a switch port, thereby reducing the risks of rogue wireless access points or hubs. 802.1x can be used to authenticate users based on username and password (or other credentials) via a centralized RADIUS server. This is particularly useful for a mobile workforce because the authentication will be executed regardless of where the user connects to the network.
ACLs restrict access to sensitive portions of the network by denying packets based on source and destination MAC addresses, IP addresses, or TCP/UDP ports. ACL lookups are done in hardware; therefore, forwarding and routing performance is not compromised when implementing ACL-based security in the network. Catalyst 3550 Series switches offer VLAN, router and port-based ACLs. Deploying ACLs can be done through Cisco CMS Software Security Wizards, which in a few easy steps can restrict user access to a server, a portion of the network, or the usage of certain applications.
Identity-based Networking Services (IBNS) provide the ability to dynamically administer granular levels of network access. Leveraging the 802.1x standard and Cisco's Access Control Server (ACS), when users authenticate they can be assigned a VLAN and/or an ACL regardless of where they connect to the network. This functionality allows IT departments to enable strong security policies without compromising user mobility and with minimal administrative overhead.
The MAC Address Notification feature can be used to monitor the network and track users by sending an alert to a management station so that network administrators know when and where users entered the network. The Dynamic Host Configuration Protocol (DHCP) Interface Tracker (Option 82) feature tracks where a user is physically connected on a network by providing both switch and port ID to a DHCP Server.
VLANs ensure that data packets are forwarded only to stations within a specific subnet, creating a separate collision domain between groups of ports on the network and reducing broadcast transmission. VLAN trunks can be created from any port using the standards-based 802.1Q or Cisco Inter-Switch Link (ISL) VLAN trunking architecture. The Cisco Catalyst 3550 switches support up to 1,005 VLANs.
For even greater security between network end-stations, Private VLAN Edge isolates ports on a switch, ensuring that users cannot snoop on other users' traffic. Local Proxy Address Resolution Protocol (ARP) works in conjunction with private VLAN edge to minimize broadcasts and maximize available bandwidth.
NETWORK MANAGEMENT WITH THE CISCO CLUSTER MANAGEMENT SUITE SOFTWARE
The Cisco CMS is Web-based software that is embedded in Catalyst 3550, 2950, 3500 XL, 2900 XL, 2900 LRE XL, and 1900 switches. Through Cisco Switch Clustering technology, users access Cisco CMS with any standard Web browser to manage up to 16 of these switches at once, regardless of their physical proximity, with the option of using a single IP address for the entire cluster if desired. With the addition of the Catalyst 3550 switches, Cisco CMS Software can now extend beyond routed boundaries for even more flexibility in managing a Cisco cluster.
Cisco CMS provides an integrated management interface for delivering intelligent services, such as multilayer switching, QoS, multicast, and security ACLs. Thus, Cisco CMS allows administrators to take advantage of benefits formerly reserved for only the most advanced networks without having to learn the command-line interface (CLI) or even the details of the technology.
The new Guide Mode in Cisco CMS leads the user step-by-step through the configuration of high-end features and provides enhanced online help for context-sensitive assistance. In addition, Cisco AVVID (Architecture for Voice, Video and Integrated Data) Wizards provide automated configuration of the switch to optimally support video streaming or videoconferencing, voice over IP (VoIP), and mission-critical applications. Additional wizards for LAN security and multicast traffic are available too. These Wizards can save hours of time for network administrators, eliminate human errors, and ensure the configuration of the switch is optimized for these applications.
Because Cisco Switch Clustering technology is not limited to a single stack of switches, Cisco CMS expands the traditional cluster domain beyond a single wiring closet and saves time and effort for network administrators. The switches must merely be connected to each other via Ethernet, Fast Ethernet, Fast EtherChannel®, Gigabit Ethernet, Gigabit EtherChannel, and/or GigaStack connectivity.
Cisco Catalyst 3550 switches can be configured either as command or member switches in a Cisco switch cluster. Cisco CMS also allows the network administrator to designate a standby or redundant command switch, which takes the commander duties should the primary command switch fail. Other key features include the ability to configure multiple ports and switches simultaneously, perform software updates across the entire cluster at once, and clone configurations to other clustered switches for rapid network deployments. Bandwidth graphs and link reports provide useful diagnostic information and the topology map gives network administrators a quick view of the network status.
In addition to Cisco CMS, the Catalyst 3550 products are manageable via CiscoWorks products, which provide full enterprise-class network management. CiscoWorks Resource Manager Essentials (RME) can be used to perform network-wide software upgrades, configuration file audits, configuration file distribution, and inventory reports. Additional tools include the Campus Manager, CiscoView, Device Fault Manager (DFM), QoS Policy Manager (QPM), User Registration Tool, and many others. For smaller networks, CiscoWorks Small Network Management Solution (SNMS) provides advanced network management capabilities to reduce IT administrative overhead.
Table 1. Product Features and Benefits
High-Performance IP Routing
• Cisco Express Forwarding (CEF)-based routing architecture performed in hardware to deliver extremely high-performance IP routing.
• Support for basic IP unicast routing protocols (static, RIPv1, RIPv2) for small network routing applications.
• Support for advanced IP unicast routing protocols (OSPF, IGRP, EIGRP, BGPv4) for load balancing and constructing scalable LANs - requires EMI.
• Inter-VLAN IP routing for full Layer 3 routing between two or more VLANs.
• Equal cost routing for load balancing and redundancy.
• Protocol-Independent Multicast (PIM) for IP multicast routing within a network that enables the network to receive the multicast feed requested and for switches not participating in the multicast to be pruned; support for PIM sparse mode (PIM-SM), PIM dense mode (PIM-DM), and PIM sparse-dense mode - requires EMI.
• Distance Vector Multicast Routing Protocol (DVMRP) tunneling for interconnecting two multicast-enabled networks across non-multicast networks - requires EMI.
• Fallback bridging for forwarding of non-IP traffic between two or more VLANs.
• Cisco Hot Standby Router Protocol (HSRP) to create redundant fail-safe routing topologies.
Superior Redundancy for Fault Backup
• Cisco UplinkFast/BackboneFast technologies ensure quick fail-over recovery enhancing overall network stability and reliability. CrossStack UplinkFast (CSUF) technology provides increased redundancy and network resiliency through fast spanning-tree convergence (less than two seconds) across a stack of switches using GigaStack GBICs in an independent stack backplane cascaded configuration.
• IEEE 802.1w Rapid Spanning Tree Protocol (RSTP) provides rapid convergence of the spanning tree independent of spanning-tree timers.
• Supports Cisco HSRP to create redundant fail-safe routing topologies.
• Redundant stacking connections provide support for a redundant loopback connection for top and bottom switches in an independent stack backplane cascaded configuration.
• Command switch redundancy enabled in the CMS Software allows customers to designate a backup command switch that takes over cluster management functions if the primary command switch fails.
• Provides unidirectional link detection (UDLD) and Aggressive UDLD for detecting and disabling unidirectional links on fiber-optic interfaces caused by incorrect fiber-optic wiring or port faults.
• Switch port Auto-recovery (or "errDisable") automatically attempts to re-enable a link that becomes disabled due to a network error.
• Support for Cisco's optional Redundant Power System 300 (RPS 300 supports all Catalyst 3550 Switches except the Catalyst 3550-24 PWR) and/or the Redundant Power System 675 (RPS 675 supports all Catalyst 3550 Switches) that provides superior internal power source redundancy for up to six Cisco networking devices resulting in improved fault tolerance and network uptime.
Integrated Cisco IOS Features for Bandwidth Optimization
• Bandwidth aggregation of up to 16 Gbps through Gigabit EtherChannel technology and up to 1.6 Gbps through Fast EtherChannel technology enhances fault tolerance and offers higher speed aggregated bandwidth between switches, to routers and individual servers.
• Per-port broadcast, multicast, and unicast storm control prevents faulty end stations from degrading overall systems performance.
• WCCP allows the interaction with a web cache for the purpose of redirecting content requests to a cache and performing basic load balancing across multiple caches - requires EMI.
• IEEE 802.1D Spanning-Tree Protocol support for redundant backbone connections and loop-free networks simplifies network configuration and improves fault tolerance.
• PVST+ allows for Layer 2 load sharing on redundant links to efficiently utilize the extra capacity inherent in a redundant design.
• IEEE 802.1s Multiple Spanning Tree Protocol (MSTP) allows a spanning tree instance per VLAN enabling Layer 2 load sharing on redundant links.
• Equal cost routing for Layer 3 load balancing and redundancy.
• Local Proxy ARP works in conjunction with private VLAN edge to minimize broadcasts and maximize available bandwidth.
• VLAN Trunking Protocol (VTP) pruning limits bandwidth consumption on VTP trunks by flooding broadcast traffic only on trunk links required to reach the destination devices.
• IGMP snooping provides for fast client joins and leaves of multicast streams and limits bandwidth-intensive video traffic to only the requestors.
• Multicast VLAN Registration (MVR) continuously sends multicast streams in a multicast VLAN while isolating the streams from subscriber VLANs for bandwidth and security reasons.
Ultra-Flexible and Scalable Stacking
• The Cisco GigaStack GBIC delivers a hardware-based, independent stacking bus with up to 2 Gbps forwarding rate in a point-to-point configuration, or 1 Gbps forwarding bandwidth when daisy chained with up to nine switches.
Ease of Use and Ease of Deployment
• Auto-configuration eases deployment of switches in the network by automatically configuring multiple switches across a network via a boot server.
• Automatic QoS (Auto QoS) greatly simplifies the configuration of QoS in VoIP networks by issuing interface and global switch commands that allow the detection of Cisco IP phones, the classification of traffic, and egress queue configuration.
• Auto-sensing on each non-GBIC port detects the speed of the attached device and automatically configures the port for 10-, 100-, or 1000-Mbps operation, easing the deployment of the switch in mixed 10, 100, and 1000BASE-T environments.
• Auto-negotiating on all ports automatically selects half- or full-duplex transmission mode to optimize bandwidth.
• Dynamic Trunking Protocol (DTP) enables dynamic trunk configuration across all ports in the switch.
• Port Aggregation Protocol (PAgP) automates the creation of Cisco Fast EtherChannel or Gigabit EtherChannel groups, enabling linking to another switch, router, or server.
• Link Aggregation Control Protocol (LACP) allows the creation of Ethernet channeling with devices that conform to IEEE 802.3ad. This is similar to Cisco's EtherChannel and PAgP.
• DHCP relay allows a broadcast DHCP request to be forwarded to the network DHCP server.
• IEEE 802.3z-compliant 1000BASE-SX, 1000BASE-LX/LH, 1000BASE-ZX, and 1000BASE-T physical interface support through a field-replaceable GBIC module provides customers unprecedented flexibility in switch deployment.
• The default configuration stored in Flash ensures that the switch can be quickly connected to the network and can pass traffic with minimal user intervention.
• Bridge protocol data unit (BPDU) guard shuts down Spanning-Tree Protocol PortFast-enabled interfaces when BPDUs are received to avoid accidental topology loops.
• Spanning-tree root guard (STRG) prevents edge devices not in the network administrator's control from becoming Spanning-Tree Protocol root nodes.
• IGMP Filtering provides multicast authentication by filtering out non-subscribers and limits the number of concurrent multicast streams available per port.
• Private VLAN edge provides security and isolation between ports on a switch, ensuring that users cannot snoop on other users' traffic.
• Trusted Boundary provides the ability to trust the QoS priority settings if an IP phone is present and disable the trust setting in the event that the IP phone is removed, thereby preventing a malicious user from overriding prioritization policies in the network.
• Switch Port Analyzer (SPAN) for Cisco Secure Intrusion Detection System (IDS) support allows the IDS to take action when an intruder is detected.
• The user-selectable address-learning mode simplifies configuration and enhances security.
• Cisco CMS Software Security Wizards ease the deployment of security features for restricting user access to a server, a portion of the network or access to the network.
Network Administration Security
• TACACS+ and RADIUS authentication to enable centralized control of the switch and restrict unauthorized users from altering the configuration.
• Multilevel security on console access prevents unauthorized users from altering the switch configuration.
• SSH, Kerberos, and SNMPv3 provide network security by encrypting administrator traffic during Telnet and SNMP sessions. SSH, Kerberos, and the crypto version of SNMPv3 require a special crypto software image due to US export restrictions.
User and Device Authentication
• IEEE 802.1x for dynamic port-based security to prevent unauthorized clients from gaining access to the network.
• Port Security secures the access to a port based on the MAC address of a user's device. The aging feature removes the MAC address from the switch after a specific timeframe to allow another device to connect to the same port, thereby eliminating administrative overhead associated with this feature.
Granular Access Control and Identity-based Network Services
• Cisco security VLAN ACLs (VACLs) on all VLANs to prevent unauthorized data flows from being bridged within VLANs.
• Cisco standard and extended IP security Router ACLs (RACLs) for defining security policies on routed interfaces for control plane and data plane traffic.
• Port-based ACLs (PACLs) for Layer 2 interfaces allow security policies to be applied on individual switch ports.
• Time-based ACLs allow the implementation of security settings during specific periods of the day or days of the week.
• 802.1x with VLAN assignment allows a dynamic VLAN assignment for a specific user regardless of where the user is connected.
• 802.1x with an ACL assignment allows for specific security policies based on a user regardless of where the user is connected.
• 802.1x with voice VLAN to permit an IP phone access to the voice VLAN irrespective of the authorized or unauthorized state of the port.
• 802.1x and port security for authenticating the port and managing network access for all MAC addresses, including that of the client.
• Support for dynamic VLAN assignment through implementation of VLAN Membership Policy Server (VMPS) client functionality provides flexibility in assigning ports to VLANs. Dynamic VLAN enables fast assignment of IP address.
• DHCP Interface Tracker (Option 82) provides capabilities to locate a user on a network by providing switch and port ID to a DHCP server.
• MAC Address Notification allows administrators to be notified of new users added or removed from the network.
• Support for CiscoWorks User Registration Tool and the User Tracker in CiscoWorks Campus Manager both provide the ability to track the location of users.
QUALITY OF SERVICE/CONTROL
Advanced Quality of Service
• 802.1p CoS and Differentiated Services Code Point (DSCP) field classification via marking and reclassification on a per packet basis using source/destination IP address, source/destination MAC address, or Layer 4 TCP/UDP port number.
• Automatic QoS (Auto-QoS) greatly simplifies the configuration of QoS in VoIP networks by issuing interface and global switch commands that allow the detection of Cisco IP phones, the classification of traffic, and egress queue configuration.
• Cisco control plane and data plane quality of service ACLs on all ports to ensure proper marking on a per packet basis.
• Four egress queues per port supported in hardware to enable differentiated management of up to four types of traffic.
• WRR scheduling to ensure differential prioritization of packet flows by intelligently servicing the egress queues.
• WRED on all Gigabit Ethernet ports for avoidance of congestion at the egress queues before a disruption occurs.
• Strict priority queuing to guarantee that the highest priority packets will always get serviced ahead of all other traffic.
• No performance penalty for highly granular quality of service functionality.
• CIR functionality allows bandwidth to be guaranteed in increments as low as 8 Kbps.
• Rate-limiting based on source/destination IP address, source/destination MAC address, or Layer 4 TCP/UDP information or any combination of these fields using QoS ACLs (IP ACLs or MAC ACLs), class maps, and policy maps.
• Per port, per VLAN ingress policing enables the rate-limiting of individual VLANs on trunk ports.
• Ability to easily manage data flows asynchronously upstream and downstream from the end station or on the uplink via ingress and egress policing.
• 8 aggregate or individual ingress policers and 8 aggregate egress policers on each 10/100 port.
• 128 aggregate or individual ingress policers and 8 aggregate egress policers on each Gigabit Ethernet port.
Cluster Management Suite
• Built-in Web-based Cisco CMS Software provides an easy-to-use Web-based management interface through a standard Web browser.
• Cisco AVVID Wizards use just a few user inputs to automatically configure the switch to optimally handle different types of traffic: voice, video, multicast, and/or high-priority data.
• A security wizard is provided to restrict unauthorized access to servers and networks, and restrict certain applications on the network.
• Cisco CMS Software allows the user to manage up to 16 inter-connected Cisco Catalyst 3550, 2950, 3500 XL, 2900 XL, 2900 LRE XL, and 1900 switches through a single IP address, without the limitation of being physically located in the same wiring closet. Full backward compatibility ensures any combination of the above switches can be managed with a Cisco Catalyst 3550 switch.
• The cluster software upgrade feature allows the user to automatically upgrade the system software on a group of Cisco Catalyst 3550, 2950, 3500 XL, 2900 XL, 2900 LRE XL, and 1900 switches.
• Cisco Cluster Management Suite Software has been extended to include multilayer feature configurations such as Routing Protocols, ACLs, and QoS parameters.
• Clustering now supports member discovery and cluster creation across a single Catalyst 3550 routed hop, enabling the entire LAN to be managed in a single web interface (and with a single IP address if desired).
• Cisco Cluster Management Suite Guide Mode assists users in the configuration of powerful advanced features by providing step-by-step instructions.
• Cisco Cluster Management Suite provides enhanced online help for context-sensitive assistance.
• Easy-to-use graphical interface provides both a topology map and front panel view of the cluster.
• Multi-device and multi-port configuration capabilities allow network administrators to save time by configuring features across multiple switches and ports simultaneously.
• One-click software upgrades can be performed across the entire cluster simultaneously, and configuration cloning enables rapid deployment of networks.
• Ability to launch the web-based management for a Cisco Aironet Wireless Access Point by simply clicking on its icon in the topology map.
• User-personalized interface allows users to modify polling intervals, table views, and other settings within CMS and retain these settings the next time they use CMS.
• Alarm notification provides automated email notification of network errors and alarm thresholds.
• A troubleshooting toolbox, including L2 and L3 traceroute and Ping, helps administrators find network problems quickly.
• Manageable through CiscoWorks network management software on a per-port and per-switch basis providing a common management interface for Cisco routers, switches and hubs.
• SNMP v1, v2c, v3 and Telnet interface support delivers comprehensive in-band management, and a CLI-based management console provides detailed out-of-band management.
• Cisco Discovery Protocol (CDP) Versions 1 and 2 enable a CiscoWorks network management station to automatically discover the switch in a network topology.
• Supported by the CiscoWorks LAN Management Solution (includes Resource Manager Essentials, Campus Manager, CiscoView, and Device Fault Manager); QoS Policy Manager (QPM); ACS; User Registration Tool (URT); CiscoWorks SNMS; Service Level Manager; and Internet Performance Monitor (IPM).
• Superior Cisco IOS CLI support provides common user interface and command set with all Cisco routers and Cisco desktop switches.
• Supported by the Cisco QPM solution for end-to-end QoS policies.
• Cisco VTP supports dynamic VLANs and dynamic trunk configuration across all switches.
• 12 Gbps maximum forwarding bandwidth at Layer 2 and Layer 3 (Catalyst 3550-12G and 3550-12T), 6.8 Gbps maximum forwarding bandwidth at Layer 2 and Layer 3 (Catalyst 3550-48), 4.4 Gbps maximum forwarding bandwidth at Layer 2 and Layer 3 (Catalyst 3550-24, 3550-24 PWR, 3550-24-DC, and 3550-24-FX)
• 17.0 Mpps forwarding rate for 64-byte packets (Catalyst 3550-12G and 3550-12T), 10.1 Mpps forwarding rate for 64-byte packets (Catalyst 3550-48), 6.6 Mpps forwarding rate for 64-byte packets (Catalyst 3550-24, 3550-24 PWR, 3550-24-DC, and 3550-24-FX)
• 4 MB memory architecture shared by all ports (Catalyst 3550-12G, 3550-12T, and 3550-48), 2 MB memory architecture shared by all ports (Catalyst 3550-24, 3550-24 PWR, 3550-24-DC, and 3550-24-FX)
• 64 MB DRAM and 16 MB Flash memory
• Configurable up to 12,000 MAC addresses (Catalyst 3550-12G and 3550-12T), Configurable up to 8,000 MAC addresses (Catalyst 3550-48, 3550-24, 3550-24 PWR, 3550-24-DC, and 3550-24-FX)
• Configurable up to 24,000 unicast routes (Catalyst 3550-12G and 3550-12T), Configurable up to 16,000 unicast routes (Catalyst 3550-48, 3550-24, 3550-24 PWR, 3550-24-DC, and 3550-24-FX)
• Configurable up to 8,000 multicast routes (Catalyst 3550-12G and 3550-12T), Configurable up to 2,000 multicast routes (Catalyst 3550-48, 3550-24, 3550-24 PWR, 3550-24-DC, and 3550-24-FX)
• Configurable Maximum Transmission Unit (MTU) of up to 2,000 Bytes for bridging of MPLS tagged frames (Catalyst 3550-12G and 3550-12T), Configurable Maximum Transmission Unit (MTU) of up to 1,546 Bytes for bridging of MPLS tagged frames (Catalyst 3550-48, 3550-24, 3550-24 PWR, 3550-24-DC, and 3550-24-FX)
• IPMROUTE-MIB
• L2/L3 INTERFACE MIB
• OSPF-MIB (RFC 1253)
• IEEE 802.1x
• IEEE 802.1w
• IEEE 802.1s
• IEEE 802.3x full duplex on 10BASE-T, 100BASE-TX, and 1000BASE-T ports
• Management console port: 8-pin RJ-45 connector, RJ-45-to-RJ-45 rollover cable with RJ-45-to-DB9 adapter for PC connections; for terminal connections, use RJ-45-to-DB25 female data-terminal-equipment (DTE) adapter (can be ordered separately from Cisco, part number ACS-DSBUASYN=)
• Customers can provide power to a switch by using either the internal power supply or the Cisco RPS. The RPS 300 is compatible with all Catalyst 3550 models except the 3550-24-DC and 3550-24 PWR. The RPS 675 is compatible with all Catalyst 3550 models except the 3550-24-DC. The connectors are located at the back of the switch.
• Internal Power Supply Connector
– The internal power supply is an auto-ranging unit
– The internal power supply supports input voltages between 100 and 240 VAC
– Use the supplied AC power cord to connect the AC power connector to an AC power outlet
• Cisco RPS 675 Connector
– The connector offers connection for an optional Cisco RPS 675 that uses AC input and supplies DC output to the switch
– The connector offers a 675-watt redundant power system that can support six external network devices and provides power to one failed device at a time
– The connector automatically senses when the internal power supply of a connected device fails and provides power to the failed device, preventing loss of network traffic
– Attach only the Cisco RPS 675 (model PWR675-AC-RPS-NI=) to the redundant power supply receptacle with this connector. See above for Catalyst 3550 RPS compatibility
• Cisco RPS 300 Connector
– The connector offers connection for an optional Cisco RPS 300 that uses AC input and supplies DC output to the switch
– The connector offers a 300-watt redundant power system that can support six external network devices and provides power to one failed device at a time
– The connector automatically senses when the internal power supply of a connected device fails and provides power to the failed device, preventing loss of network traffic
– Attach only the Cisco RPS 300 (model PWR300-AC-RPS-N1) to the redundant power supply receptacle with this connector. See above for Catalyst 3550 RPS compatibility
• Per-port status LEDs: link integrity, disabled, activity, speed, and full-duplex indications
• System status LEDs: system, RPS, and bandwidth utilization indications
Dimensions and Weight (H x W x D)
• 2.63 x 17.5 x 15.9 in. (6.7 x 44.5 x 40.4 cm) (Catalyst 3550-12G and 3550-12T)
• 1.75 x 17.5 x 17.4 in. (4.45 x 44.5 x 44 cm) (Catalyst 3550-24 PWR)
• 1.75 x 17.5 x 14.4 in. (4.45 x 44.5 x 36.6 cm) (Catalyst 3550-24 and 3550-24-DC)
• 1.75 x 17.5 x 16.3 in. (4.45 x 44.5 x 41.3 cm) (Catalyst 3550-24-FX and 3550-48)
• 1.5 RU high (Catalyst 3550-12G and 3550-12T)
• 1.0 RU high (Catalyst 3550-48, 3550-24, 3550-24 PWR, 3550-24-DC, and 3550-24-FX)
• 16 lb (7.3 kg) (Catalyst 3550-12G and 3550-12T)
• 14 lb (6.35 kg) (Catalyst 3550-24 PWR)
• 11 lb (5.0 kg) (Catalyst 3550-24 and 3550-24-DC)
• 12 lb (5.5 kg) (Catalyst 3550-24-FX)
• 13 lb (5.9 kg) (Catalyst 3550-48)
• Operating temperature: 32° to 113°F (0° to 45°C)
• Storage temperature: -13° to 158°F (-25° to 70°C)
• Operating relative humidity: 10 to 85% (non-condensing)
• Operating altitude: Up to 10,000 ft (3,049 m)
• Storage altitude: Up to 15,000 ft (4,573 m)
• Power consumption: 190 W (maximum), 650 BTUs per hour (Catalyst 3550-12G and 3550-12T); 525 W (maximum), 1790 BTUs per hour (Catalyst 3550-24 PWR); 65 W (maximum), 222 BTUs per hour (Catalyst 3550-24); 110 W (maximum), 375 BTUs per hour (Catalyst 3550-48); 72 W (maximum), 250 BTUs per hour (Catalyst 3550-24-DC); 85 W (maximum), 290 BTUs per hour (Catalyst 3550-24-FX)
• AC input voltage/frequency: 100 to 127/200 to 240 VAC (auto-ranging), 50 to 60 Hz
• DC Input Voltages
• RPS input +12V @ 13A (Catalyst 3550-12G, 3550-12T, and 3550-48); +12V @ 8.3A (Catalyst 3550-24 and 3550-24-FX); +12V @ 7.5A and -48V @ 7.8A (Catalyst 3550-24 PWR)
• DC input for 3550-24-DC: -36 to 72VDC @ 2A
• ISO 7770, bystander position operating to an ambient temperature of 30 degrees Celsius:
– Catalyst 3550-12G and 3550-12T: 58 dBa
– Catalyst 3550-24 and 3550-24-DC: 48 dBa
– Catalyst 3550-48 and 3550-24-FX: 46 dBa
– Catalyst 3550-24 PWR: 47 dBa
Mean Time Between Failure (MTBF)
• 110,332 hours (Catalyst 3550-12G)
• 113,658 hours (Catalyst 3550-12T)
• 166,356 hours (Catalyst 3550-24 PWR)
• 193,000 hours (Catalyst 3550-24)
• 163,000 hours (Catalyst 3550-48)
• 183,000 hours (Catalyst 3550-24-DC)
• 186,000 hours (Catalyst 3550-24-FX)
REGULATORY AGENCY APPROVALS
• UL to UL 1950, Third Edition
• c-UL to CAN/CSA 22.2 No. 950-95, Third Edition
• TUV/GS to EN 60950 with Amendment A1-A4 and A11
• CB to IEC 60950 with all country deviations
• NOM to NOM-019-SCFI
• CE Marking
Electromagnetic Emissions Certifications
• FCC Part 15 Class A
• EN 55022 Class A (CISPR 22 Class A)
• VCCI Class A
• AS/NZS 3548 Class A
• CE Marking
Network Equipment Building Systems (NEBS) (for Catalyst 3550-24-DC)
The services and support programs described in Table 2 below are available as part of the Cisco Desktop Switching Service and Support solution, and are available directly from Cisco and through resellers.
Table 2. Service and Support
Total Implementation Solutions (TIS) available direct from Cisco; Packaged Total Implementation Solutions (Packaged TIS) available through resellers
• Project management
• Site survey, configuration deployment
• Installation, test, and cutover
• Training
• Major Moves, Adds, Changes (MAC)
• Design review and product staging
• Supplements existing staff
• Ensures functionality meets needs
• Mitigates risk
Technical Support Services
SMARTnet and SMARTnet Onsite (OS) available direct from Cisco; Packaged SMARTnet available through resellers
• 24x7 access to software updates
• Web access to technical repositories
• Telephone support through the Technical Assistance Center
• Advance replacement of hardware parts
• Enables proactive or expedited issue resolution
• Lowers cost of ownership by utilizing Cisco expertise and knowledge