Name: Cisco Catalyst 3560-X
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

CHAPTER

1-1

Catalyst 3750-X and 3560-X Switch Software Configuration Guide

OL-25303-03

Configuring Network Security with ACLs

This chapter describes how to configure network security on the Catalyst 3750-X or 3560-X switch by

using access control lists (ACLs), which in commands and tables are also referred to as access

lists.Unless otherwise noted, the term switch refers to a Catalyst 3750-X or 3560-X standalone switch

and to a Catalyst 3750-X switch stack.

Note Information in this chapter about IP ACLs is specific to IP Version 4 (IPv4). For information about IPv6

ACLs, see Chapter 1, “Configuring IPv6 ACLs.”

For complete syntax and usage information for the commands used in this chapter, see the command

reference for this release, see the “Configuring IP Services” section in the “IP Addressing and Services”

chapter of the Cisco IOS IP Configuration Guide, Release 12.4, and the Cisco IOS IP Command

Reference, Volume 1 of 3: Addressing and Services, Release 12.4.

Catalyst 3750-X and 3560-X switches running the IP base or IP services feature set also support Cisco

TrustSec Security Group Tag (SCT) Exchange Protocol (SXP). This feature supports security group

access control lists (SGACLs), which define ACL policies for a group of devices instead of an IP

address. The SXP control protocol allows tagging packets with SCTs without a hardware upgrade, and

runs between access layer devices at the Cisco TrustSec domain edge and distribution layer devices

within the Cisco TrustSec domain. Catalyst 3750-X and 3560-X switches operate as access layer

switches in the Cisco TrustSec network.

For more information about Cisco TrustSec, see the “Cisco TrustSec Switch Configuration Guide” at this

URL:

http://www.cisco.com/en/US/docs/switches/lan/trustsec/configuration/guide/trustsec.html

The sections on SXP define the capabilities supported on the Catalyst 3750-X and 3560-X switches.

Note On switches running the LAN base feature set, router ACLs are supported only on switch virtual

interfaces (SVIs). VLAN maps are not supported.

This chapter consists of these sections:

• Understanding ACLs, page 1-2

• Configuring IPv4 ACLs, page 1-7

• Creating Named MAC Extended ACLs, page 1-29

• Configuring VLAN Maps, page 1-32

Questions and Answers:

Need help?

Do you have a question about the Cisco Catalyst 3560-X and is the answer not in the manual?

Cisco Catalyst 3560-X Specifications

General

Enclosure Type	Rack-mountable - 1U
Subtype	Gigabit Ethernet
Ports	48 x 10/100/1000 + 4 x SFP
Flash Memory	64 MB
Power Device	Internal power supply
Voltage Required	AC 120/230 V (50/60 Hz)
Operating System	Cisco IOS
Device Type	Switch
Performance	Switching capacity: 128 Gbps
Jumbo Frame Support	Yes
Routing Protocol	RIP-1, RIP-2, EIGRP
Remote Management Protocol	SNMP 1, RMON 1, RMON 2, RMON 3, RMON 9, Telnet, SNMP 3, HTTP, HTTPS
Features	DHCP support, VLAN support, QoS, IPv6 support, Syslog
Compliant Standards	IEEE 802.3, IEEE 802.3u, IEEE 802.3z, IEEE 802.1D, IEEE 802.1Q, IEEE 802.3ab, IEEE 802.1p, IEEE 802.3af, IEEE 802.3x, IEEE 802.3ad, IEEE 802.1w, IEEE 802.1x, IEEE 802.1s, IEEE 802.3ah, IEEE 802.1ag, IEEE 802.3at
Stacking	Stackable
Security Features	SSH, RADIUS, TACACS+
Management	CLI
Dimensions (H x W x D)	17.5 in
Operating Temperature	32 to 113 °F (0 to 45 °C)
Humidity	10 - 95% (non-condensing)