Cisco 4500M Software Manual page 40

Management and Security Features
Local Authentication, Remote Authentication Dial-In User Service (RADIUS), and Terminal
•
Access Controller Access Control System Plus (TACACS+) authentication—These authentication
methods control access to the switch. For additional information, refer to the chapter
"Authentication, Authorization, and Accounting (AAA)," in Cisco IOS Security Configuration
Guide, Release 12.1, at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/secur_c/scprt1/index.htm
• Visual port status information—The switch LEDs provide visual management of port- and
switch-level status.
Auto 10/100/1000 negotiation—This feature allows you to configure a port to limit the speed at
•
which it will autonegotiate to a speed lower than the physically maximum speed. This method of
reducing the throughput incurs much less overhead than using an ACL.
Secure Shell—Secure Shell (SSH) is a program that enables you to log into another computer over
•
a network, to execute commands remotely, and to move files from one machine to another. The
switch may not initiate SSH connections: SSH will be limited to providing a remote login session
to the switch and will only function as a server.
NetFlow statistics—This feature is a global traffic monitoring feature that allows flow-level
•
monitoring of all IPv4-routed traffic through the switch.
User Based Rate Limiting (UBRL)—This feature adopts microflow policing to dynamically learn
•
traffic flows and rate limit each unique flow to an individual rate. UBRL is available only on the
Supervisor Engine V-10GE with the built-in NetFlow support.
Switched Port Analyzer (SPAN)—SPAN allows you to monitor traffic on any port for analysis by a
•
network analyzer or Remote Monitoring (RMON) probe. You also can do the following:
–
–
–
–
–
For information on SPAN, see
Remote SPAN (RSPAN)—RSPAN is an extension of SPAN, where source ports and destination
•
ports are distributed across multiple switches, allowing remote monitoring of multiple switches
across the network. The traffic for each RSPAN session is carried over a user-specified RSPAN
VLAN that is dedicated for that RSPAN session on all participating switches.
For information on RSPAN, see
Simple Network Management Protocol—SNMP facilitates the exchange of management
•
information between network devices. The Catalyst 4500 series switch supports these SNMP types
and enhancements:
–
–
–
–
Software Configuration Guide—Release 12.2(25)EW
1-12
Configure ACLs on SPAN sessions.
Allow incoming traffic on SPAN destination ports to be switched normally.
Explicitly configure the encapsulation type of packets that are spanned out of a destination port.
Restrict ingress sniffing depending on whether the packet is unicast, multicast, or broadcast, and
depending on whether the packet is valid.
Mirror packets sent to or from the CPU out of a SPAN destination port for troubleshooting
purposes.
SNMP—A full Internet standard
SNMP v2—Community-based administrative framework for version 2 of SNMP
SNMP v3—Security framework with three levels: noAuthNoPriv, authNoPriv, and authPriv
(available only on a crypto image, like cat4000-i5k91s-mz)
SNMP trap message enhancements—Additional information with certain SNMP trap messages,
including spanning-tree topology change notifications and configuration change notifications
Chapter 39, "Configuring SPAN and RSPAN."
Chapter 39, "Configuring SPAN and RSPAN."
Chapter 1 Product Overview
OL-6696-01