CISCO CATALYST 2950 SERIES SWITCHES WITH STANDARD IMAGE SOFTWARE
The Cisco® Catalyst® 2950SX48, 2950T-48, 2950SX-24, 2950-24, and 2950-12 switches, members of the Cisco Catalyst 2950 Series, are standalone, fixed-configuration, managed 10/100 Mbps switches providing basic workgroup connectivity for small to midsize networks. These wire-speed desktop switches come with Standard Image software features and offer Cisco IOS® Software functions for basic data, voice, and video services at the edge of the network.
Embedded in all Cisco Catalyst 2950 Series switches is the Cisco Device Manager software, which allows users to easily configure and monitor the switch using a standard Web browser, eliminating the need for more complex terminal emulation programs and knowledge of the command-line interface (CLI). Customers can easily initialize the switch with web-based Cisco Express Setup, without using the CLI. In addition, with Cisco Network Assistant, a standalone network management software, customers can simultaneously configure and troubleshoot multiple Cisco Catalyst desktop switches. Cisco Device Manager, Cisco Express Setup, and Cisco Network Assistant reduce the cost of deployment by enabling less-skilled personnel to set up switches quickly. Furthermore, Cisco Catalyst 2950 Series switches provide extensive management tools using Simple Network Management Protocol (SNMP) network management platforms such as CiscoWorks.
This product line offers two distinct sets of software features and a range of configurations to allow small, midsize, and enterprise branch offices to select the right combination for the network edge. For networks that require additional security, advanced quality of service (QoS), and high availability, Enhanced Image software delivers intelligent services such as rate limiting and security filtering for deployment at the network edge.
The Cisco Catalyst 2950SX-48, 2950T-48, 2950SX-24, 2950-24 and 2950-12 switches (Figures 1-5) are available only with the Standard Image (SI) software for the Cisco Catalyst 2950 Series. They cannot be upgraded to the Enhanced Image (EI) software.
• Cisco Catalyst 2950SX 48 Switch-48 10/100 Mbps ports with two fixed 1000BASE-SX uplinks
• Cisco Catalyst 2950T 48 Switch-48 10/100 Mbps ports with two fixed 10/100/1000BASE-T uplinks
• Cisco Catalyst 2950SX 24 Switch-24 10/100 Mbps ports with two fixed 1000BASE-SX uplinks
These switches provide customers with many connectivity and port-density options. The Cisco Catalyst 2950-12 and Cisco Catalyst 2950-24 switches provide 12 and 24 10/100 Mbps ports, respectively, for edge connectivity. Depending on port-density requirements, customers with gigabit fiber uplink connectivity needs can choose between the Cisco Catalyst 2950SX-24 Switch, which provides 24 10/100 Mbps ports and 2 integrated 1000BASE-SX ports, and the Cisco Catalyst 2950SX-48 Switch, which provides 48 10/100 Mbps ports and 2 integrated 1000BASE-SX ports.
With these integrated ports, customers get an extremely cost-effective solution for delivering gigabit speeds using fiber. These switches are ideal for education and government segments where fiber uplinks are required. For customers that do not need fiber connectivity, the Cisco Catalyst 2950T-48 Switch with 48 10/100 Mbps ports and two integrated 10/100/1000 BASE-T ports is a cost-effective alternative. The 10/100/1000 BASE-T ports can be used for server connectivity or for uplink connectivity to distribution or other switches. Dual ports also provide redundancy and increased availability, as well as provide a cost-effective means for cascading switches and managing them as a cluster. The Cisco Catalyst 2950 Series Intelligent Ethernet switches with Enhanced Image software are fixed-configuration models that bring intelligent services, such as advanced QoS, enhanced security, and high availability to the network edge while maintaining the simplicity of traditional LAN switching. Combining a Cisco Catalyst 2950 Series Intelligent Ethernet Switch with a Cisco Catalyst 3550 Series Switch enables IP routing from the edge to the core of the network. Refer to the Cisco Catalyst 2950 Series Enhanced Image Data Sheet for more information: http://www.cisco.com/en/US/products/hw/switches/ps628/products_data_sheet09186a00801cfb64.html
NETWORK AVAILABILITY WITH WIRE-SPEED PERFORMANCE IN CONNECTING END STATIONS TO THE LAN
With a switching fabric of 13.6 Gbps and a maximum forwarding bandwidth of 13.6 Gbps, Cisco Catalyst 2950 Series switches deliver wire-speed performance on all ports in connecting end stations and users to the company LAN. Cisco Catalyst 2950 Series switches with basic services support performance-boosting features such as Cisco Fast EtherChannel® to provide high-performance bandwidth between Cisco Catalyst switches, routers, and servers.
Cisco Catalyst 2950 Series switches offer enhanced data security through a wide range of security features. These features allow customers to provide network security based on users or MAC addresses. The security enhancements are available free by downloading the latest software for the Cisco Catalyst 2950 Series switches.
Secure Shell version 2 (SSHv2) protects information from being eavesdropped or being tampered with by encrypting information being passed on the network, thereby guarding administrative information. Private VLAN Edge isolates ports on a switch, ensuring that traffic travels directly from the entry point to the aggregation device through a virtual path and cannot be directed to another port. In addition, for authentication of users with a TACACS+ or a RADIUS server, 802.1x provides port-level security. Simple Network Management Protocol Version 3 (SNMPv3) (non-cryptographic) monitors and controls network devices as well as manages configurations, performance, collection of statistics, and security.
For authentication of users with a Terminal Access Controller Access Control System (TACACS+) or RADIUS server, 802.1x provides port-level security. 802.1x, in conjunction with a RADIUS server, allows for dynamic port-based user authentication. 802.1x-based user authentication can be extended to dynamically assign a VLAN based on a specific user, regardless of where they connect on the network. With 802.1x with Guest VLAN, guests are allowed access to the Internet via the Guest VLAN but cannot access the customer's internal network. This intelligent adaptability allows IT departments to offer greater flexibility and mobility to their stratified user populations. By combining access control and user profiles with secure network connectivity, services, and applications, enterprises can more effectively manage user mobility and drastically reduce the overhead associated with granting and managing access to network resources.
With the Cisco Catalyst 2950SX-48, 2950T-48, 2950SX-24, 2950-24, and 2950-12 switches, network managers can make ports and consoles highly secure. MAC-address-based port-level security prevents unauthorized stations from accessing the switch. Multilevel access security on the switch console and the Web management interface prevents unauthorized users from accessing or altering switch configurations and can be implemented using an internal user database on each switch or a centrally administered TACACS+ or RADIUS server. Using 802.1x in conjunction with a RADIUS server allows dynamic port-based user authentication. In addition, 802.1x can coexist with port security on a per-port basis. Security features can be deployed using Cisco Network Assistant software security wizards, which ease the deployment of security features that restrict user access to a server or portion of the network or restrict the applications used in certain areas of the network.
Cisco Catalyst 2950SX-48, 2950T-48, 2950SX-24, 2950-24, and 2950-12 switches deliver LAN-edge QoS, supporting two modes of reclassification. One mode-based on the IEEE 802.1p standard-honors the class-of-service (CoS) value at the ingress point and assigns the packet to the appropriate queue. In the second mode, packets can be reclassified based on a default CoS value assigned to the ingress port by the network administrator. In the case of frames that arrive without a CoS value (such as untagged frames), these Cisco Catalyst 2950 Series switches support classification based on a default CoS value per port assigned by the network administrator. After the frames have been classified or reclassified using one of the above modes, they are assigned to the appropriate queue at the egress. Cisco Catalyst 2950 Series switches support four egress queues, which allow the network administrator to be more discriminating and granular in assigning priorities for the various applications on the LAN. Strict Priority Scheduling configuration ensures that time-sensitive applications, such as voice, always follow an expedited path through the switch fabric. Weighted Round Robin (WRR) scheduling, another significant enhancement, ensures that lower-priority traffic receives attention without comprising the priority settings administered by a network manager. These features allow network administrators to prioritize mission-critical, time-sensitive traffic, such as voice (IP telephony traffic), enterprise resource planning (Oracle, SAP, etc.), and computer-assisted design and manufacturing, over less time-sensitive applications such as FTP or e-mail (Simple Mail Transfer Protocol).
To provide efficient use of resources for bandwidth-hungry applications like multicasts, Cisco Catalyst 2950 Series switches support Internet Group Management Protocol Version 3 (IGMPv3) snooping in hardware. Through the support and configuration of IGMP snooping through the Cisco Network Assistant software, these Cisco Catalyst 2950 Series switches deliver outstanding performance and ease of use in administering and managing multicast applications on the LAN.
The IGMPv3 snooping feature allows the switch to "listen in" on the IGMP conversation between hosts and routers. When a switch hears an IGMP join request from a host for a given multicast group, the switch adds the host's port number to the group destination address list for that group. And when the switch hears an IGMP leave request, it removes the host's port from the content-addressable memory (CAM) table entry.
Multicast VLAN Registration (MVR) is designed for applications using wide-scale deployment of multicast traffic across an Ethernet ring-based service provider network (for example, the broadcast of multiple television channels over a service-provider network). MVR allows a subscriber on a port to subscribe and unsubscribe to a multicast stream on the networkwide multicast VLAN.
Per VLAN Spanning Tree Plus (PVST+) allows users to implement redundant uplinks while also distributing traffic loads across multiple links. This is not possible with standard Spanning Tree Protocol implementations. Cisco UplinkFast technology ensures immediate transfer to the secondary uplink, much better than the traditional 30- to 60-second convergence time. This is yet another enhancement of the Spanning Tree Protocol implementation. An additional feature that enhances performance is voice VLAN. This feature allows network administrators to assign voice traffic to a VLAN dedicated to IP telephony, thereby simplifying phone installations and providing easier network traffic administration and troubleshooting.
Customers can configure one switch at a time with the embedded Cisco Device Manager, or configure and troubleshoot multiple switches with Cisco Network Assistant, a free standalone network management software application optimized for LANs of small and medium-sized businesses with up to 250 users. Cisco Device Manager offers a simple and intuitive GUI interface for configuring and monitoring the switch. The software is Web-based and embedded in Cisco Catalyst 3750, 3650, 3550, 2970, 2950, and 2940 Switches. Cisco Express Setup simplifies the switch initialization. Users now have the option to set up the switch through a Web browser, eliminating the need for more complex terminal emulation programs and knowledge of the CLI. Cisco Device Manager and Cisco Express Setup reduce the cost of deployment by enabling less-skilled personnel to quickly and simply set up switches.
With Cisco Network Assistant, customers can configure multiple ports and switches simultaneously, perform software updates across multiple switches at once, and copy configurations to other switches for rapid network deployments. Bandwidth graphs and link reports provide useful diagnostic information, and the topology map gives network administrators a quick view of the network status. Cisco Network Assistant supports a wide range of Cisco Catalyst intelligent switches from Cisco Catalyst 2950 through Cisco Catalyst 4506. Through a user-friendly GUI, users can configure and manage a wide array of switch functions and start the device manager of Cisco routers and Cisco wireless access points
The Cisco Network Assistant Software Guide Mode leads the user step-by-step through the configuration of advanced features and provides enhanced online help for context-sensitive assistance. Cisco AVVID (Architecture for Voice, Video and Integrated Data) Wizards provide automated configuration of the switch to optimally support video streaming or video conferencing, voice over IP (VoIP), and mission-critical applications. In addition, Smartports offers a set of verified feature macros per connection type in an easy-to-apply manner. With these macros, users can consistently and reliably configure essential security, availability, quality of service, and manageability features recommended for Cisco Business Ready Campus solutions with minimal effort and expertise. These Wizards and Smartports can save hours of time for network administrators, eliminate human errors, and ensure that the configuration of the switch is optimized for these applications.
In addition to Cisco Network Assistant, Cisco Catalyst 2950 Series switches provide extensive management tools using SNMP network management platforms such as CiscoWorks. Managed with CiscoWorks, Cisco Catalyst family switches can be configured and managed to deliver end-to-end device, VLAN, traffic, and policy management. Coupled with CiscoWorks, Cisco Resource Manager Essentials, a Web-based management tool, offers automated inventory collection, software deployment, easy tracking of network changes, views into device availability, and quick isolation of error conditions.
PRODUCT FEATURES AND BENEFITS
Superior Redundancy for Fault Backup
• IEEE 802.1D Spanning Tree Protocol support for redundant backbone connections and loop-free networks simplifies network configuration and improves fault tolerance.
• IEEE 802.1w Rapid Spanning- Tree Protocol (RSTP) provides rapid convergence of the spanning tree, independent of spanning-tree timers.
• Per VLAN Rapid Spanning Tree (PVRST+) allows rapid spanning-tree reconvergence on a per-VLAN spanning-tree basis, without requiring the implementation of spanning-tree instances.
• Support for Cisco Spanning Tree Protocol enhancements such as UplinkFast, BackboneFast, and PortFast technologies ensures quick failover recovery and enhances overall network stability and availability.
• Support for Cisco's optional RPS 675, 675-watt redundant AC power system, which provides a backup power source for one of six switches, for improved fault tolerance and network uptime.
• Unidirectional link detection (UDLD) and aggressive UDLD detect and disable unidirectional links on fiber-optic interfaces caused by incorrect fiber-optic wiring or port faults.
Integrated Cisco IOS Software Features for Bandwidth Optimization
• Bandwidth aggregation through Cisco EtherChannel technology enhances fault tolerance and offers higher-speed aggregated bandwidth between switches to routers and individual servers. Port Aggregation Protocol (PagP) is available to simplify configuration.
• VLAN1 minimization allows VLAN1 to be disabled on any individual VLAN trunk link.
• IEEE 802.1s Multiple Spanning Tree Protocol (MSTP) allows a spanning-tree instance per VLAN, enabling Layer 2 load sharing on redundant links.
• Per-port broadcast, multicast, and unicast storm control prevents faulty end stations from degrading overall system performance.
• Per VLAN Spanning Tree Plus (PVST+) allows for Layer 2 load sharing on redundant links to efficiently use the extra capacity inherent in a redundant design.
• VLAN Trunking Protocol (VTP) pruning limits bandwidth consumption on VTP trunks by flooding broadcast traffic only on trunk links required to reach the destination devices. Dynamic Trunking Protocol (DTP) enables dynamic trunk configuration across all ports in the switch.
• IGMPv3 snooping provides for fast client joins and leaves of multicast streams and limits bandwidth-intensive video traffic to the requestors. MVR, IGMP filtering, and fast-join and immediate leave are available as enhancements. IGMP Snooping time can be adjusted to optimize the performance of multicast data flows.
Networkwide Security Features
• A private VLAN edge provides security and isolation between ports on a switch, ensuring that voice traffic travels directly from its entry point to the aggregation device through a virtual path and cannot be directed to a different port.
• Support for the 802.1x standard allows users to be authenticated regardless of which LAN ports they are accessing, and it provides unique benefits to customers who have a large base of mobile (wireless) users accessing the network.
–802.1x with voice VLAN permits an IP phone access to the voice VLAN regardless of the authorized or unauthorized state of the port.
–802.1x with Port Security authenticates the port and manages network access for all MAC addresses, including that of the client.
–IEEE 802.1x with Guest VLAN allows guests without 802.1x clients to have limited network access on the Guest VLAN.
–IEEE 802.1x with VLAN assignment allows a dynamic VLAN assignment for a specific user regardless of where the user is connected.
• SSHv2 provides network security by encrypting administrator traffic during Telnet sessions. SSHv2 requires a special cryptographic software image due to US export restrictions
• Port Security secures the access to a port based on the MAC address of a user's device. The aging feature removes the MAC address from the switch after a specific time to allow another device to connect to the same port.
• MAC Address Notification allows administrators to be notified of new users added or removed from the network.
• Multilevel security on console access prevents unauthorized users from altering the switch configuration.
• Trusted Boundary provides the ability to trust the QoS priority settings if an IP phone is present and disable the trust setting in the event that the IP phone is removed, thereby preventing a rogue user from overriding prioritization policies in the network.
• TACACS+ and RADIUS authentication enables centralized control of the switch and restricts unauthorized users from altering the configuration.
• SPAN support of Intrusion Detection Systems (IDSs) to monitor, repel, and report network security violations
• SNMPv3 (non-crypto) monitors and controls network devices, manages configurations, statistics collection, performance, and security.
• Cisco Network Assistant software security wizards ease the deployment of security features for restricting user access to a server, a portion of the network, or access to the network.
Quality of Service
Layer 2 QoS
• Support for reclassifying frames is based either on 802.1p class-of-service (CoS) value or default CoS value per port assigned by network manager.
• Four queues per egress port are supported in hardware.
• The Weighted Round Robin (WRR) scheduling algorithm ensures that low-priority queues are not starved.
• Strict priority queue configuration via Strict Priority Scheduling ensures that time-sensitive applications such as voice always follow an expedited path through the switch fabric.
• SNMP and Telnet interface support delivers comprehensive in-band management, and a CLI management console provides detailed out-of-band management.
• An embedded Remote Monitoring (RMON) software agent supports four RMON groups (history, statistics, alarms, and events) for enhanced traffic management, monitoring, and analysis.
• A Switched Port Analyzer (SPAN) port can mirror traffic from one or many ports to another port for monitoring all nine RMON groups with an RMON probe or network analyzer.
• Trivial File Transfer Protocol (TFTP) reduces the cost of administering software upgrades by downloading from a centralized location.
• Network Timing Protocol (NTP) provides an accurate and consistent timestamp to all switches within the intranet.
• Layer 2 traceroute eases troubleshooting by identifying the physical path that a packet takes from the source device to a destination device.
• Multifunction LEDs per port for port status, half-duplex/full-duplex, 10BASE-T/100BASE-TX/1000BASE-T indication, as well as switch-level status LEDs for system, redundant power supply, and bandwidth utilization provide a comprehensive and convenient visual management system.
• Crash information support enables a switch to generate a crash file for improved troubleshooting.
• Show-interface-capabilities provide information about the configuration capabilities of any interface.
• Response Time Monitoring (RTTMON) MIB allows users to monitor network performance between a Cisco Catalyst switch and a remote device.
Cisco Network Assistant Software
• Cisco Network Assistant Software is a free, standalone network management application software that simplifies the administration of networks of up to 250 users. It supports a wide range of Cisco Catalyst intelligent switches from Cisco Catalyst 2950 through Cisco Catalyst 4506. With Cisco Network Assistant, users can manage Cisco Catalyst switches plus launch the device managers of Cisco integrated services routers (ISRs) and Cisco Aironet WLAN access points by simply clicking on its icon in the topology map.
• Cisco AVVID (Architecture for Voice, Video and Integrated Data) wizards use just a few user inputs to automatically configure the switch to optimally handle different types of traffic: voice, video, multicast, and high-priority data.
• One-click software upgrades can be performed across the entire cluster simultaneously, and configuration cloning enables rapid deployment of networks.
• Cisco Network Assistant Guide Mode helps users configure powerful advanced features by providing step-by-step instructions.
• Cisco Network Assistant provides enhanced online help for context-sensitive assistance.
• Easy-to-use graphical interface provides both a topology map and front-panel view of the switches.
• Multidevice- and multiport-configuration capabilities allow network administrators to save time by configuring features across multiple switches and ports simultaneously.
• User-personalized interface allows users to modify polling intervals, table views, and other settings within Cisco Network Assistant and retain these settings the next time they use Cisco Network Assistant.
• Alarm notification provides automated e-mail notification of network errors and alarm thresholds.
Support for CiscoWorks
• Manageability is enabled through CiscoWorks network management software on a per-port and per-switch basis, providing a common management interface for Cisco routers, switches, and hubs.
• SNMPv1, v2, and v3 (non-cryptographic) and Telnet interface support delivers comprehensive in-band management, and a command-line-interface (CLI) management console provides detailed out-of-band management.
• Cisco Discovery Protocol (CDP) versions 1 and 2 enable a CiscoWorks network management station to automatically discover the switch in a network topology.
• Support is provided by the CiscoWorks LAN Management Solution.
Ease of Use and Deployment
• Cisco Device Manager is an embedded web-based software that allows the customer to easily configure and troubleshoot the switch, eliminating the need for more complex terminal emulation programs and CLI knowledge, and reducing the cost of deployment by enabling less-skilled personnel to quickly and simply set up switches.
• Cisco Express Setup allows the customer to quickly and easily initialize a switch with a web browser
• Smartports offers a set of verified feature macros per connection type in an easy-to-apply manner. With these macros, users can consistently and reliably configure essential security, availability, quality of service, and manageability features recommended for Cisco Business Ready Campus solutions with minimal effort and expertise.
• Auto-configuration eases deployment of switches in the network by automatically configuring multiple switches across a network using a bootp server.
• Autosensing on each port detects the speed of the attached device and automatically configures the port for 10 or 100 Mbps operation, easing the deployment of the switch in mixed-speed environments.
• Auto-negotiating on all ports automatically selects half- or full-duplex transmission mode to optimize bandwidth.
• Link Aggregation Control Protocol (LACP) allows the creation of Ethernet channeling with devices that conform to IEEE 802.3ad. This is similar to Cisco EtherChannel and PagP.
• Cisco Discovery Protocol versions 1 and 2 enable a CiscoWorks network management station to automatically discover the switch in a network topology.
• Cisco VTP supports dynamic VLANs and dynamic trunk configuration across all switches.
• Support for dynamic VLAN assignment through implementation of VLAN Membership Policy Server (VMPS) client functions provides flexibility in assigning ports to VLANs.
• Voice VLAN simplifies telephony installations by keeping voice traffic on a separate VLAN for easier network administration and troubleshooting.
• The default configuration stored in Flash memory ensures that the switch can be quickly connected to the network and can pass traffic with minimal user intervention.
• 13.6-Gbps switching fabric (Catalyst 2950T-48-SI and 2950SX-48-SI)
• 1000BASE-SX ports: MT-RJ connectors, up to 1800 feet (550 meters) cable distance for 50/125 or up to 900 ft (275 m) cable distance for 62.5/125 micron multimode fiber-optic cabling
• Management console port: 8-pin RJ-45 connector, RJ-45-to-DB9 adapter cable for PC connections; for terminal connections, use RJ-45-to-DB25 female data-terminal-equipment (DTE) adapter (can be ordered separately, Cisco part number ACS-DSBUASYN=)
MT-RJ Patch Cables for Cisco Catalyst 2950SX 24 Switch