background image

© 2012-2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. 

Page 6 of 17

Ɣ

Automation in managing hardware inventories, security vulnerabilities (PSIRTS) and platform end-of-life 

and support cycles 

For detailed information about Cisco Prime, visit 

http://www.cisco.com/go/prime

Security Features 

The Cisco Catalyst 2960-SF Series Switches provide superior Layer 2 threat defense capabilities for mitigating 

man-in-the-middle attacks (such as MAC, IP, and ARP spoofing). TrustSec, a primary element of Borderless 

Security Architecture, helps enterprise customers secure their networks, data and resources with policy-based 

access control, identity and role-aware networking, pervasive integrity, and confidentiality. Borderless security is 

enabled by the following feature sets in the Cisco Catalyst 2960-SF Series Switches: 

Ɣ

Threat defense 

Ɣ

Cisco TrustSec 

Ɣ

Other advanced security features 

Threat Defense 

Cisco Integrated Security Features is an industry-leading solution available on Cisco Catalyst Switches that 

proactively protects your critical network infrastructure. Delivering powerful, easy-to-use tools to effectively prevent 

the most common and potentially damaging Layer 2 security threats, Cisco Integrated Security Features provides 

robust security throughout the network. Cisco Integrated Security Features include Port Security, DHCP Snooping, 

Dynamic ARP Inspection, and IP Source guard. 

Ɣ

Port Security

 secures the access to an access or trunk port based on MAC address. It limits the number of 

learned MAC addresses to deny MAC address flooding.

Ɣ

DHCP Snooping

 prevents malicious users from spoofing a DHCP server and sending out bogus 

addresses. This feature is used by other primary security features to prevent a number of other attacks 

such as ARP poisoning. 

Ɣ

Dynamic ARP Inspection (DAI)

 helps ensure user integrity by preventing malicious users from exploiting 

the insecure nature of the ARP protocol. 

Ɣ

IP source guard

 prevents a malicious user from spoofing or taking over another user’s IP address by 

creating a binding table between the client’s IP and MAC address, port, and VLAN. 

Cisco TrustSec 

TrustSec secures access to the network, enforces security policies, and delivers standard based security solutions 

such as 802.1X enabling secure collaboration and policy compliance. TrustSec capabilities reflect Cisco thought 

leadership, innovations, and commitment to customer success. These new capabilities include: 

Ɣ

Flexible authentication

 that supports multiple authentication mechanisms including 802.1X, MAC 

Authentication Bypass and web authentication using a single, consistent configuration. 

Ɣ

Open mode

 that creates a user friendly environment for 802.1X operations. 

Ɣ

Integration of device profiling technology and guest access

 handling with Cisco switching to 

significantly improve security while reducing deployment and operational challenges. 

Ɣ

RADIUS Change of Authorization and downloadable calls

 for comprehensive policy management 

capabilities. 

Summary of Contents for Catalyst 2960-SF Series

Page 1: ...n deployed with the FlexStack stacking module Ɣ IEEE 802 3at compliant PoE for up to 30W of power per port Ɣ Models offering 370W or 740W of combined POE POE budget Ɣ Enhanced troubleshooting for problem solving including link connectivity and cable diagnostics Ɣ USB storage for file transfers backups and simplified operations Ɣ Support for Cisco Catalyst SmartOperations features including Smart I...

Page 2: ...s with LAN Lite Software Switch Model Description Uplinks Available PoE Power Cisco Catalyst 2960S F48TS S 48 Ethernet 10 100 ports 2 SFP Cisco Catalyst 2960S F24TS S 24 Ethernet 10 100 ports 2 SFP Cisco FlexStack Stacking Cisco FlexStack and IOS software provide true stacking with all switches in a stack acting as a single switch unit FlexStack provides a unified data plane unified configuration ...

Page 3: ...se enables companies to measure the power consumption of network infrastructure and network attached devices and manage power consumption with specific policies reducing power consumption to realize increased cost savings potentially affecting any powered device EnergyWise encompasses a highly intelligent network based approach to communicate messages that measure and control energy between networ...

Page 4: ...Ɣ Automatic media dependent interface crossover MDIX automatically adjusts transmit and receive pairs if an incorrect cable type crossover or straight through is installed Ɣ Unidirectional Link Detection Protocol UDLD and Aggressive UDLD allow unidirectional links caused by incorrect fiber optic wiring or port faults to be detected and disabled on fiber optic interfaces Ɣ Switching Database Manage...

Page 5: ...nt and configuration capabilities Cisco Network Assistant uses Cisco Smartports technology to simplify both initial deployment and ongoing maintenance This application also features an intuitive GUI where users can easily apply common services across Cisco switches routers and access points such as Ɣ Configuration management Ɣ Troubleshooting advice Ɣ Inventory reports Ɣ Event notification Ɣ Netwo...

Page 6: ...spection and IP Source guard Ɣ Port Security secures the access to an access or trunk port based on MAC address It limits the number of learned MAC addresses to deny MAC address flooding Ɣ DHCP Snooping prevents malicious users from spoofing a DHCP server and sending out bogus addresses This feature is used by other primary security features to prevent a number of other attacks such as ARP poisoni...

Page 7: ...hen an intruder is detected Ɣ TACACS and RADIUS authentication facilitates centralized control of the switch and restricts unauthorized users from altering the configuration Ɣ MAC Address Notification allows administrators to be notified of users added to or removed from the network Ɣ Multilevel security on console access prevents unauthorized users from altering the switch configuration Ɣ Bridge ...

Page 8: ...g on a per packet basis Ɣ Four egress queues per port help enable differentiated management of different traffic types across the stack Ɣ Shaped Round Robin SRR scheduling helps ensure differential prioritization of packet flows by intelligently servicing the ingress queues and egress queues Ɣ Weighted Tail Drop WTD provides congestion avoidance at the ingress and egress queues before a disruption...

Page 9: ... and visibility With EnergyWise power policies can be set up to reduce the power or shut down the power from a port based on the location Ɣ Cisco Emergency Responder CER enhances emergency calling from Cisco Unified CallManager It helps assure that Cisco Unified CallManager sends emergency calls to the appropriate Public Safety Answering Point PSAP for the caller s location Specifications Tables 4...

Page 10: ...5 4 8 Cisco Catalyst 2960S F24TS S 10 4 5 Environmental Ranges Parameter Fahrenheit Centigrade Operating temperature up to 5000 ft 1500 m 23º to 113ºF 5º to 45ºC Operating temperature up to 10 000 ft 3000 m 23º to 104ºF 5º to 40ºC Storage temperature up to 15 000 feet 4573 m 13º to 158ºF 25º to 70ºC Parameter Feet Meters Operating altitude Up to 10 000 Up to 3000 Storage altitude Up to 13 000 Up t...

Page 11: ...acking cable with a 1 0 m length Ɣ CAB STK E 3M FlexStack stacking cable with a 3 0 m length Cisco Catalyst 2960 SF console cables Ɣ CAB CONSOLE RJ45 Console cable 6 ft with RJ 45 Ɣ CAB CONSOLE USB Console cable 6 ft with USB Type A and mini B connectors Power Ɣ Use the supplied AC power cord to connect the AC power connector to an AC power outlet Ɣ The internal power supply is an auto ranging uni...

Page 12: ...ASE T ports Ɣ IEEE 802 3 10BASE T specification Ɣ IEEE 802 3u 100BASE TX specification Ɣ IEEE 802 3ab 1000BASE T specification Ɣ IEEE 802 3z 1000BASE X specification Ɣ 100BASE BX SFP Ɣ 100BASE FX SFP Ɣ 100BASE LX SFP Ɣ 1000BASE BX SFP Ɣ 1000BASE SX SFP Ɣ 1000BASE LX LH SFP Ɣ 1000BASE ZX SFP Ɣ 1000BASE CWDM SFP 1470 nm Ɣ 1000BASE CWDM SFP 1490 nm Ɣ 1000BASE CWDM SFP 1510 nm Ɣ 1000BASE CWDM SFP 1530...

Page 13: ...48FPS L 0 89 kVA Cisco Catalyst 2960S F48LPS L 0 48 kVA Cisco Catalyst 2960S F24PS L 0 46 kVA Cisco Catalyst 2960S F48TS L 0 13 kVA Cisco Catalyst 2960S F24TS L 0 09 kVA Cisco Catalyst 2960S F48TS S 0 10 kVA Cisco Catalyst 2960S F24TS S 0 08 kVA PoE and PoE Ɣ Maximum power supplied per port for PoE is 30W Ɣ Maximum power supplied per port for PoE is 15 4W Ɣ Total power dedicated to PoE or PoE is 3...

Page 14: ...ecific product before use Cisco reserves the right to refund the purchase price as its exclusive warranty remedy For further information on warranty terms visit http www cisco com go warranty Table 11 Enhanced Limited Lifetime Warranty Terms Cisco Enhanced Limited Lifetime Hardware Warranty Device covered Applies to Cisco Catalyst 2960 SF Series Switches Warranty duration As long as the original c...

Page 15: ...wledge base and tools Ɣ Next business day 8x5x4 24x7x4 or 24x7x2 advance hardware replacement and onsite parts replacement and installation available 1 Ɣ Ongoing operating system software updates within the licensed feature set 2 Ɣ Proactive diagnostics and real time alerts on Smart Call Home enabled devices Cisco Smart Foundation Service Ɣ Next business day advance hardware replacement as availab...

Page 16: ...acking requires module LAN Base software WS C2960S F24PS L 24 10 100 Fast Ethernet ports 2xSFP FlexStack stacking requires module LAN Base software WS C2960S F48TS S 48 10 100 Fast Ethernet ports 2xSFP LAN Lite software WS C2960S F24TS S 24 10 100 Fast Ethernet ports 2xSFP LAN Lite software Table 14 Ordering Information for Cisco Catalyst 2960 SF Accessories Part Numbers Description C2960S F STACK...

Page 17: ... 2012 2013 Cisco and or its affiliates All rights reserved This document is Cisco Public Information Page 17 of 17 Printed in USA C78 715638 01 03 13 ...

Reviews: