Cisco Catalyst Switch Modules 3110G and 3110X for IBM BladeCenter
6
Password-protected access (read-only and write-only access) to management interfaces (the
z
device manager and CLI) for protection against unauthorized configuration changes.
Port security option for limiting and identifying MAC addresses of the station allowed to access
z
the port.
Port security aging to set the aging time for secure addresses on a port.
z
Multilevel security for a choice of security level, notification, and resulting actions.
z
MAC-based port-level security for restricting the use of a switch port to a specific group of source
z
addresses and preventing switch access from unauthorized stations.
MAC-based access control lists (ACLs).
z
Standard and extended IP access control lists (ACLs) for defining security policies on Layer 3
z
(router ACLs) and Layer 2 (port ACLs) interfaces.
Terminal Access Controller Access Control System Plus (), a proprietary feature for
z
managing network security through a TACACS server.
RADIUS for verifying the identity of, granting access to, and tracking activities of remote users.
z
IEEE 802.1X port-based authentication to prevent unauthorized devices from gaining access to
z
the network.
IEEE 802.1X port-based authentication with VLAN assignment for restricting
z
802.1X-authenticated users to a specified VLAN.
IEEE 802.1X port-based authentication with port security for authenticating the port and
z
managing network access for all MAC addresses, including that of the client.
IEEE 802.1X port-based authentication with voice VLAN to allow an IP phone access to the voice
z
VLAN irrespective of the authorized or unauthorized state of the port.
IEEE 802.1X port-based authentication with guest VLAN to provided limited services to
z
non-802.1X-compliant users.
IEEE 802.1X accounting to track network usage.
z
Quality of Service (QoS) and Class of Service (CoS)
z
Automatic QoS (auto-QoS) to simplify the deployment of existing QoS features by classifying
z
traffic and configuring egress queues.
Cross-stack QoS for configuring QoS features to all switches in a switch stack rather than on an
z
individual-switch basis.
Classification
z
IP Type of Service/Differentiated Services Code Point (IP ToS/DSCP) and IEEE 802.1p CoS
z
marking priorities on a per-port basis for protecting the performance of mission-critical
applications.
IP ToS/DSCP and IEEE 802.1p CoS marking for flow-based packet classification
z
(classification based on information in the MAC, IP, and TCP/UDP headers) for
high-performance QoS at the network edge, allowing for differentiated service levels for
different types of network traffic and prioritizing mission-critical traffic in the network.
Trusted port states (CoS, DSCP, and IP precedence) within a QoS domain and with a port
z
bordering another QoS domain.
Trusted boundary for detecting the presence of a Cisco IP Phone, trusting the CoS value
z
received, and ensuring port security.