beautypg.com

Cisco 3750 Series User Manual

Page 7

background image

Cisco Systems, Inc.

All contents are Copyright © 1992–2003 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.

Page 7 of 10

Access Control (MAC) addresses, IP addresses, or Transmission Control Protocol (TCP)/User Datagram Protocol

(UDP) ports. ACL lookups are done in hardware—forwarding and routing performance is not compromised when

implementing ACL-based security. An additional protection method is to use port security, which ensures the

appropriate user is on the network by limiting access to the port based on MAC addresses.

Q.

For security purposes, how can I monitor or track activities in my network?

A.

Intrusion detection systems are tailored to monitor and track activities in a network. The Cisco Catalyst 3750

can complement this through features such as MAC address notification, which will send an alert to a management

station so that network administrators know when and where users came on to the network and can take appropriate

actions. The DHCP Interface Tracker (Option 82) feature will track where a user is physically connected on a

network by providing both switch and port ID to a DHCP server.

Q.

For security purposes, how do I protect administration passwords and traffic going to the switch during

configuration or troubleshooting?

A.

To protect administration traffic during the configuration or troubleshooting of a switch (such as passwords or

device configuration settings), the best approach is to encrypt the data. Both SSH and SNMPv3 provide encryption

of data during Telnet sessions and SNMP sessions.

Network Management

Q.

Do the Cisco Catalyst 3750 switches support Cisco Switch Clustering technology?

A.

Yes, the Cisco Catalyst 3750 switches can be managed using the Web-based Cisco Cluster Management Suite

(CMS) Software, which uses Cisco Switch Clustering technology. Cisco CMS is Web-based software that is embedded

in Cisco Catalyst 3750, 3550, 2950, 3500 XL, 2900 XL, 2900 LRE XL, and 1900 switches. Through Cisco Switch

Clustering technology, users access Cisco CMS with any standard Web browser to manage up to 16 of these switches

at once, regardless of their geographic proximity with the option of using a single IP address if desired. With the

addition of the Cisco Catalyst 3750 switches, Cisco CMS can now extend beyond routed boundaries for even more

flexibility in managing a Cisco cluster.

Cisco CMS provides an integrated management interface for delivering intelligent services, enabling users to manage

their entire LAN with one robust tool. By bringing the simplicity of traditional LAN switching to intelligent services

such as multilayer switching, QoS, multicast, and security ACLs, Cisco CMS allows administrators to take advantage

of benefits formerly reserved for only the most complex networks. The new Guide Mode in Cisco CMS leads the user

step by step through the configuration of high-end features and provides enhanced online help for context-sensitive

assistance. In addition, a Solution Wizard provides automated configuration of the switch for video streaming or

videoconferencing. Future software will provide Solution Wizards for voice over IP (VoIP), mission-critical

applications, and security.

Cisco CMS supports standards-based connectivity options such as Ethernet, Fast Ethernet, Fast EtherChannel

®

,

Gigabit Ethernet, and Gigabit EtherChannel connectivity. Because Cisco Switch Clustering technology is not limited

by proprietary stacking modules, stacking cables or interconnection media, Cisco CMS expands the traditional

cluster domain beyond a single wiring closet and lets users mix and match interconnections to meet specific

management, performance, and cost requirements.