Management And Security Features - Cisco 4500M Software Manual
Software guide
Hide thumbs
Also See for 4500M:
- Command reference manual (578 pages) ,
- Hardware installation and maintenance manual (143 pages) ,
- Upgrade manual (24 pages)
Table of Contents
Advertisement
Chapter 1
Product Overview
Management and Security Features
The Catalyst 4500 series switch offers network management and control through the CLI or through
alternative access methods, such as SNMP. The switch software supports these network management and
security features:
•
•
•
•
•
•
•
•
•
•
•
OL-6696-01
Intelligent Power Management—Intelligent Power Management (IPM)—Working with powered
devices (PDs) from Cisco, this feature uses power negotiation to refine the power consumption of a
802.3af-compliant PD beyond the granularity of power consumption provided by the 802.3af class.
Power negotiation also enables the backward compatibility of newer PDs with older modules that
do not support either 802.3af or high-power levels as required by IEEE standard.
Stateful switchover (SSO)—This feature propagates configuration and state information from the
active to the redundant supervisor engine so that sub-second interruptions in Layer 2 traffic occur
when the active supervisor engine switches over to the redundant supervisor engine.
Stateful IGMP Snooping
–
This feature propagates the IGMP data learned by the active supervisor engine to the redundant
supervisor engine so that when a switchover occurs, the newly active supervisor engine is aware
of the multicast group membership, which alleviates a disruption to multicast traffic during a
switchover.
–
Stateful DHCP Snooping
This feature propagates the DHCP-snooped data from the active supervisor engine to the
redundant supervisor engine so that when a switchover occurs, the newly active supervisor
engine is aware of the DHCP data that was already snooped, and the security benefits continue
uninterrupted.
802.1X protocol—This feature provides a means for a host that is connected to a switch port to be
authenticated before it is given access to the switch services.
802.1X with VLAN assignment—This feature allows you to enable non-802.1X-capable hosts to
access networks that use 802.1X authentication.
802.1X authentication for guest VLANs—This feature allows you to use VLAN assignment to limit
network access for certain users.
802.1X RADIUS accounting—This feature allows you to track the usage of network devices.
802.1X with Voice VLAN—This feature allows you to use 802.1X security on a port while enabling
it to be used by both Cisco IP phones and devices with 802.1X supplicant support.
Dynamic ARP inspection—This feature intercepts all ARP requests, replies on untrusted ports, and
verifies each intercepted packet for valid IP to MAC bindings. Dynamic ARP Inspection helps to
prevent attacks on a network by not relaying invalid ARP replies out to other ports in the same
VLAN. Denied ARP packets are logged by the switch for auditing.
Password-protected access (read-only and read-write)—This feature protects management
interfaces against unauthorized configuration changes.
Flood Blocking—This feature enables users to disable the flooding of unicast and multicast packets
on a per-port basis. Occasionally, unknown unicast or multicast traffic from an unprotected port is
flooded to a protected port because a MAC address has timed out or has not been learned by the
switch.
Port Security—This feature restricts traffic on a port based upon the MAC address of the workstation
that accesses the port.
Management and Security Features
Software Configuration Guide—Release 12.2(25)EW
1-11
Advertisement
Table of Contents
