EasyManuals Logo

Cisco Catalyst 3560-X User Manual

Cisco Catalyst 3560-X
1538 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #869 background imageLoading...
Page #869 background image
CHAPTER
1-1
Catalyst 3750-X and 3560-X Switch Software Configuration Guide
OL-25303-03
1
Configuring Network Security with ACLs
This chapter describes how to configure network security on the Catalyst 3750-X or 3560-X switch by
using access control lists (ACLs), which in commands and tables are also referred to as access
lists.Unless otherwise noted, the term switch refers to a Catalyst 3750-X or 3560-X standalone switch
and to a Catalyst 3750-X switch stack.
Note Information in this chapter about IP ACLs is specific to IP Version 4 (IPv4). For information about IPv6
ACLs, see Chapter 1, “Configuring IPv6 ACLs.
For complete syntax and usage information for the commands used in this chapter, see the command
reference for this release, see the “Configuring IP Services” section in the “IP Addressing and Services”
chapter of the Cisco IOS IP Configuration Guide, Release 12.4, and the Cisco IOS IP Command
Reference, Volume 1 of 3: Addressing and Services, Release 12.4.
Catalyst 3750-X and 3560-X switches running the IP base or IP services feature set also support Cisco
TrustSec Security Group Tag (SCT) Exchange Protocol (SXP). This feature supports security group
access control lists (SGACLs), which define ACL policies for a group of devices instead of an IP
address. The SXP control protocol allows tagging packets with SCTs without a hardware upgrade, and
runs between access layer devices at the Cisco TrustSec domain edge and distribution layer devices
within the Cisco TrustSec domain. Catalyst 3750-X and 3560-X switches operate as access layer
switches in the Cisco TrustSec network.
For more information about Cisco TrustSec, see the “Cisco TrustSec Switch Configuration Guide” at this
URL:
http://www.cisco.com/en/US/docs/switches/lan/trustsec/configuration/guide/trustsec.html
The sections on SXP define the capabilities supported on the Catalyst 3750-X and 3560-X switches.
Note On switches running the LAN base feature set, router ACLs are supported only on switch virtual
interfaces (SVIs). VLAN maps are not supported.
This chapter consists of these sections:
Understanding ACLs, page 1-2
Configuring IPv4 ACLs, page 1-7
Creating Named MAC Extended ACLs, page 1-29
Configuring VLAN Maps, page 1-32

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco Catalyst 3560-X and is the answer not in the manual?

Cisco Catalyst 3560-X Specifications

General IconGeneral
Enclosure TypeRack-mountable - 1U
SubtypeGigabit Ethernet
Ports48 x 10/100/1000 + 4 x SFP
Flash Memory64 MB
Power DeviceInternal power supply
Voltage RequiredAC 120/230 V (50/60 Hz)
Operating SystemCisco IOS
Device TypeSwitch
PerformanceSwitching capacity: 128 Gbps
Jumbo Frame SupportYes
Routing ProtocolRIP-1, RIP-2, EIGRP
Remote Management ProtocolSNMP 1, RMON 1, RMON 2, RMON 3, RMON 9, Telnet, SNMP 3, HTTP, HTTPS
FeaturesDHCP support, VLAN support, QoS, IPv6 support, Syslog
Compliant StandardsIEEE 802.3, IEEE 802.3u, IEEE 802.3z, IEEE 802.1D, IEEE 802.1Q, IEEE 802.3ab, IEEE 802.1p, IEEE 802.3af, IEEE 802.3x, IEEE 802.3ad, IEEE 802.1w, IEEE 802.1x, IEEE 802.1s, IEEE 802.3ah, IEEE 802.1ag, IEEE 802.3at
StackingStackable
Security FeaturesSSH, RADIUS, TACACS+
ManagementCLI
Dimensions (H x W x D)17.5 in
Operating Temperature32 to 113 °F (0 to 45 °C)
Humidity10 - 95% (non-condensing)

Related product manuals