\n

PerformanceSwitching capacity and forwarding rate (All switches are wire-speed and nonblocking) \nCapacity in millions of packets per second (mpps) (64-byte packets) 14.88\nSwitching capacity in gigabits per second (Gbps) 20.0\nLayer 2 switchingSpanning Tree Protocol (STP) Standard 802.1d spanning tree support

\nFast convergence using 802.1w (Rapid Spanning Tree Protocol [RSTP]), enabled by default\nMultiple spanning tree instances using 802.1s (MSTP); 8 instances are supported\nPer-VLAN Spanning Tree Plus (PVST+); 126 instances are supported\nRapid PVST+ (RPVST+); 126 instances are supported\n

Port grouping/link aggregation Support for IEEE 802.3ad Link Aggregation Control Protocol (LACP)

\nUp to 8 groups\nUp to 8 ports per group with 16 candidate ports for each (dynamic) 802.3ad link aggregation\n

VLAN Support for up to 4093 VLANs simultaneously

\nPort-based and 802.1Q tag-based VLANs, MAC-based VLAN, protocol-based VLAN, IP subnet-based VLAN\nManagement VLAN\nPrivate VLAN with promiscuous, isolated, and community port\nPrivate VLAN Edge (PVE), also known as protected ports, with multiple uplinks Guest VLAN, unauthenticated VLAN\nDynamic VLAN assignment via RADIUS server along with 802.1X client authentication Customer premises equipment (CPE) VLAN\nAuto surveillance VLAN (ASV)\n

Voice VLAN Voice traffic is automatically assigned to a voice-specific VLAN and treated with appropriate levels of QoS. Voice Services Discovery Protocol (VSDP) delivers networkwide zero-touch deployment of voice endpoints and call control devices\nMulticast TV VLAN Multicast TV VLAN allows the single multicast VLAN to be shared in the network while subscribers remain in separate VLANs. This feature is also known as Multicast VLAN Registration (MVR)\nVLAN translation Support for VLAN one-to-one mapping, in which customer VLANs (C-VLANs) on an edge interface are mapped to service provider VLANs (S-VLANs), and the original C-VLAN tags are replaced by the specified S-VLAN\nQ-in-Q VLANs transparently cross a service provider network while isolating traffic among customers\nSelective Q-in-Q Selective Q-in-Q is an enhancement to the basic Q-in-Q feature and provides, per edge interface, multiple mappings of different C-VLANs to separate S-VLANs

\nSelective Q-in-Q also allows configuring of the Ethertype (Tag Protocol Identifier [TPID]) of the S-VLAN tag\nLayer 2 protocol tunneling over Q-in-Q is also supported\n

Generic VLAN Registration Protocol (GVRP)/Generic Attribute Registration Protocol (GARP) GVRP and GARP enable automatic propagation and configuration of VLANs in a bridged domain\nUnidirectional Link UDLD monitors physical connections to detect unidirectional links caused by incorrect\nDetection (UDLD) wiring or cable/port faults to prevent forwarding loops and blackholing of traffic in switched networks\nDHCP relay at Layer 2 Relay of DHCP traffic to a DHCP server in a different VLAN; works with DHCP Option 82\nInternet Group Management Protocol (IGMP) versions 1, 2, and 3 snooping IGMP limits bandwidth-intensive multicast traffic to only the requesters; it supports 2000 multicast groups (source-specific multicasting is also supported)\nIGMP querier IGMP querier is used to support a Layer 2 multicast domain of snooping switches in the absence of a multicast router\nIGMP proxy The IGMP proxy provides a mechanism for multicast forwarding based on IGMP membership information without the need for more complicated multicast routing protocols\nHead-of-Line (HOL) blocking HOL blocking prevention\nLoopback detection Loopback detection provides protection against loops by transmitting loop protocol packets out of ports on which loop protection has been enabled. It operates independently of STP\nLayer 3IPv4 routing Wire-speed routing of IPv4 packets

\nUp to 990 static routes and up to 128 IP interfaces\n

IPv6 routing Wire-speed routing of IPv6 packets\nLayer 3 interface Configuration of a Layer 3 interface on a physical port, LAG, VLAN interface, or loopback interface\nClassless Interdomain Routing (CIDR) Support for CIDR\nRouting Information Protocol (RIP) v2 Support for RIP v2 for dynamic routing\nPolicy-Based Routing (PBR) Flexible routing control to direct packets to a different next hop based on an IPv4 or IPv6 Access Control List (ACL)\nDHCP server Switch functions as an IPv4 DHCP server, serving IP addresses for multiple DHCP pools or scopes

\nSupport for DHCP options\n

DHCP relay at Layer 3 Relay of DHCP traffic across IP domains\nUser Datagram Protocol (UDP) relay Relay of broadcast information across Layer 3 domains for application discovery or relaying of Bootstrap Protocol (BOOTP)/DHCP packets\nSecuritySecure Shell (SSH) Protocol SSH is a secure replacement for Telnet traffic. Secure Copy Protocol (SCP) also uses SSH. SSH v1 and v2 are supported\nSecure Sockets Layer (SSL) SSL support: Encrypts all HTTPS traffic, allowing highly secure access to the browser-based management GUI in the switch\nIEEE 802.1X (authenticator role) 802.1X: RADIUS authentication and accounting, MD5 hash, guest VLAN, unauthenticated VLAN, single/multiple host mode, and single/multiple sessions

\nSupports time-based 802.1X, dynamic VLAN assignment, and MAC authentication\n

IEEE 802.1X supplicant A switch can be configured to act as a supplicant to another switch. This enables extended secure access in areas outside the wiring closet (such as conference rooms)\nWeb-based authentication Web-based authentication provides network admission control through a web browser to any host devices and operating systems\nSTP Bridge Protocol Data Unit (BPDU) Guard A security mechanism to protect the network from invalid configurations. A port enabled for BPDU Guard is shut down if a BPDU message is received on that port. This avoids accidental topology loops\nSTP Root Guard Prevents edge devices not in the network administrator’s control from becoming STP root nodes\nSTP loopback guard Provides additional protection against Layer 2 forwarding loops (STP loops)\nDHCP snooping Filters out DHCP messages with unregistered IP addresses and/or from unexpected or untrusted interfaces. This prevents rogue devices from behaving as DHCP servers\nIP Source Guard (IPSG) When IPSG is enabled at a port, the switch filters out IP packets received from the port if the source IP addresses of the packets have not been statically configured or dynamically learned from DHCP snooping. This prevents IP address spoofing\nDynamic ARP Inspection (DAI) The switch discards ARP packets from a port if there are no static or dynamic IP/MAC bindings or if there is a discrepancy between the source or destination addresses in the ARP packet. This prevents man-in-the-middle attacks\nIP/MAC/port binding (IPMB) The preceding features (DHCP snooping, IPSG, and DAI) work together to prevent Denial-of-Service (DoS) attacks in the network, thereby increasing network availability\nSecure Core Technology (SCT) Makes sure that the switch will receive and process management and protocol traffic no matter how much traffic is received\nSecure Sensitive Data (SSD) A mechanism to manage sensitive data (such as passwords, keys, and so on) securely on the switch, populating this data to other devices and a secure auto-configuration. Access to view the sensitive data as plain text or encrypted is provided according to the user-configured access level and the access method of the user\nTrustworthy systems Trustworthy systems provide a highly secure foundation for Cisco products

\nRun-time defenses (Executable Space Protection [X-Space], Address Space Layout Randomization [ASLR], Built-In Object Size Checking [BOSC])\n

Private VLAN Provides security and isolation between switch ports, which helps ensure that users cannot snoop on other users’ traffic; supports multiple uplinks.\nLayer 2 isolation Private VLAN Edge (PVE) PVE (also known as protected ports) provides Layer 2 isolation between devices in the same VLAN; supports multiple uplinks\nPort security Ability to lock source MAC addresses to ports and limit the number of learned MAC addresses\nRADIUS/TACACS+ Supports RADIUS and TACACS authentication. Switch functions as a client\nRADIUS accounting The RADIUS accounting functions allow data to be sent at the start and end of services indicating the number of resources (such as time, packets, bytes, and so on) used during the session\nStorm control Broadcast, multicast, and unknown unicast\nDoS prevention DoS attack prevention\nMultiple user privilege levels in CLI Level 1, 7, and 15 privilege levels\nACLs Support for up to 1024 rules

\nDrop or rate limit based on source and destination MAC, VLAN ID, IPv4 or IPv6 address, IPv6 flow label, protocol, port, Differentiated Services Code Point (DSCP)/IP precedence, TCP/UDP source and destination ports, 802.1p priority, Ethernet type, Internet Control Message Protocol (ICMP) packets, IGMP packets, TCP flag; ACL can be applied on both ingress and egress sides\nTime-based ACLs supported\n

Quality of servicePriority levels 8 hardware queues\nScheduling Strict priority and Weighted Round-Robin (WRR)\nClass of service Port-based, 802.1p VLAN priority-based, IPv4/IPv6 IP precedence/Type of Service (ToS)/DSCP-based, Differentiated Services (DiffServ), classification and remarking ACLs, trusted QoS

\nQueue assignment based on DSCP and Class of Service (802.1p/CoS)\n

Rate limiting Ingress policer; egress shaping and rate control per VLAN, per port, and flow based; dual-rate 3-color (2R3C) policing\nCongestion avoidance A TCP congestion avoidance algorithm is required to minimize and prevent global TCP loss synchronization\niSCSI traffic optimization A mechanism for giving priority to iSCSI traffic over other types of traffic\nStandardsStandards IEEE 802.3 10BASE-T Ethernet, IEEE 802.3u 100BASE-TX Fast Ethernet, IEEE 802.3ab

\n1000BASE-T Gigabit Ethernet, IEEE 802.3ad Link Aggregation Control Protocol, IEEE 802.3z Gigabit Ethernet, IEEE 802.3ae 10 Gbps Ethernet over fiber for LAN, IEEE 802.3an 10GBASE-T 10 Gbps Ethernet over copper twisted pair cable, IEEE 802.3x Flow Control, IEEE 802.1D (STP, GARP, and GVRP), IEEE 802.1Q/p VLAN, IEEE 802.1w Rapid STP, IEEE\n802.1s Multiple STP, IEEE 802.1X Port Access Authentication, IEEE 802.3af, IEEE 802.3at, IEEE 802.1AB Link Layer Discovery Protocol, IEEE 802.3az Energy Efficient Ethernet, RFC 768, RFC 783, RFC 791, RFC 792, RFC 793, RFC 813, RFC 826, RFC 879, RFC 896, RFC\n854, RFC 855, RFC 856, RFC 858, RFC 894, RFC 919, RFC 920, RFC 922, RFC 950, RFC\n951, RFC 1042, RFC 1071, RFC 1123, RFC 1141, RFC 1155, RFC 1157, RFC 1213, RFC\n1215, RFC 1286, RFC 1350, RFC 1442, RFC 1451, RFC 1493, RFC 1533, RFC 1541, RFC\n1542, RFC 1573, RFC 1624, RFC 1643, RFC 1700, RFC 1757, RFC 1867, RFC 1907, RFC\n2011, RFC 2012, RFC 2013, RFC 2030, RFC 2131, RFC 2132, RFC 2233, RFC 2576, RFC\n2616, RFC 2618, RFC 2665, RFC 2666, RFC 2674, RFC 2737, RFC 2819, RFC 2863, RFC\n3164, RFC 3176, RFC 3411, RFC 3412, RFC 3413, RFC 3414, RFC 3415, RFC 3416, RFC\n4330\n

IPv6IPv6 IPv6 host mode, IPv6 over Ethernet, dual IPv6/IPv4 stack

\nIPv6 neighbor and router discovery (ND), IPv6 stateless address auto-configuration, path Maximum Transmission Unit (MTU) discovery\nDuplicate Address Detection (DAD), ICMP version 6 DHCPv6 stateful client\nIPv6 over IPv4 network with Intrasite Automatic Tunnel Addressing Protocol (ISATAP) tunnel support\n

IPv6 QoS Prioritize IPv6 packets in hardware\nIPv6 ACL Drop or rate-limit IPv6 packets in hardware\nIPv6 First Hop Security RA guard

\nND inspection DHCPv6 guard\nNeighbor binding table (snooping and static entries)\nNeighbor binding integrity check\n

Multicast Listener Discovery (MLD v1/2) snooping Deliver IPv6 multicast packets only to the required receivers\nMLD proxy The MLD proxy provides a mechanism for multicast forwarding based on MLD membership information without the need for more complicated multicast routing protocols\nIPv6 applications Web/SSL, Telnet server/SSH, ping, traceroute, Simple Network Time Protocol (SNTP), Trivial File Transfer Protocol (TFTP), SNMP, RADIUS, syslog, DNS client, Telnet client, DHCP client, DHCP auto-config, IPv6 DHCP relay, TACACS+\nIPv6 RFCs supported RFC 4443 (which obsoletes RFC 2463): ICMP version 6

\nRFC 4291 (which obsoletes RFC 3513): IPv6 address architecture RFC 4291: IPv6 addressing architecture\nRFC 2460: IPv6 specification\nRFC 4861 (which obsoletes RFC 2461): neighbor discovery for IPv6\nRFC 4862 (which obsoletes RFC 2462): IPv6 stateless address auto-configuration RFC 1981: path MTU discovery\nRFC 4007: IPv6 scoped address architecture RFC 3484: default address selection mechanism\nRFC 5214 (which obsoletes RFC 4214): ISATAP tunneling\nRFC 4293: MIB IPv6: textual conventions and general group RFC 3595: textual conventions for IPv6 flow label\n

ManagementCisco Business Dashboard Support for embedded probe for Cisco Business Dashboard running on the switch. Eliminates the need to set up a separate hardware or virtual machine for the Cisco Business Dashboard Probe onsite\nCisco Business mobile app Mobile app for Cisco Business switch and wireless products. Helps to set up a local network in minutes and provide easy management at your fingertips\nCisco Network Plug and Play (PnP) agent The Cisco Network PnP solution provides a simple, secure, unified, and integrated offering to ease new branch or campus device rollouts or for provisioning updates to an existing network. The solution provides a unified approach to provision Cisco routers, switches, and wireless devices with a near-zero-touch deployment experience.

\nSupports Cisco PnP Connect\n

Web user interface Built-in switch configuration utility for easy browser-based device configuration (HTTP/HTTPS)

\nSupports simple and advanced mode, configuration, wizards, customizable dashboard, system maintenance, monitoring, online help, and universal search\n

SNMP SNMP versions 1, 2c, and 3 with support for traps, and SNMP version 3 User-Based Security Model (USM)\nRemote Monitoring (RMON) Embedded RMON software agent supports 4 RMON groups (history, statistics, alarms, and events) for enhanced traffic management, monitoring, and analysis\nIPv4 and IPv6 dual stack Coexistence of both protocol stacks to ease migration\nFirmware upgrade Web browser upgrade (HTTP/HTTPS) and TFTP and upgrade over SCP running over SSH Dual images for resilient firmware upgrades\nPort mirroring Traffic on a port can be mirrored to another port for analysis with a network analyzer or RMON probe. Up to 8 source ports can be mirrored to one destination port\nVLAN mirroring Traffic from a VLAN can be mirrored to a port for analysis with a network analyzer or RMON probe. Up to 8 source VLANs can be mirrored to one destination port\nFlow-based redirection and mirroring Redirect or mirror traffic to a destination port or mirroring session based on flow\nRemote Switch Port Analyzer (RSPAN) Traffic can be mirrored across a Layer 2 domain to a remote port on a different switch for easier troubleshooting\nsFlow agent Switch can export sFlow sample to external collectors. sFlow provides visibility into network traffic down to the flow level\nDHCP (options 12, 59, 60, 66, 67, 82, 125, 129, and 150) DHCP options facilitate tighter control from a central point (DHCP server) to obtain IP address, auto-configuration (with configuration and image file download), DHCP relay, and hostname\nSecure Copy (SCP) Securely transfer files to and from the switch\nAuto-configuration with SCP file download Enables secure mass deployment with protection of sensitive data\nText-editable configuration files Configuration files can be edited with a text editor and downloaded to another switch, facilitating easier mass deployment\nSmartports Simplified configuration of QoS and security capabilities\nAuto Smartports Applies the intelligence delivered through the Smartport roles and applies it automatically to the port based on the devices discovered over Cisco Discovery Protocol or LLDP-MED. This facilitates zero-touch deployments\nText view CLI Scriptable CLI. A full CLI as well as a menu-based CLI is supported. User privilege levels 1, 7, and 15 are supported for the CLI\nLocalization Localization of GUI and documentation into multiple languages\nLogin banner Configurable multiple banners for web as well as CLI\nOther management Traceroute, single IP management, HTTP/HTTPS, SSH, RADIUS, port mirroring, TFTP upgrade, DHCP client, BOOTP, SNTP, Xmodem upgrade, cable diagnostics, ping, syslog, Telnet client (SSH secure support), automatic time settings from management station\nGreen (power efficiency)Energy detect Automatically turns power off on an RJ-45 port when the detecting link down. Active mode is resumed without loss of any packets when the switch detects the link is up\nCable length detection Adjusts the signal strength based on the cable length. Reduces the power consumption for shorter cables\nEEE compliant (802.3az) Supports IEEE 802.3az on all copper Gigabit Ethernet ports\nDisable port LEDs LEDs can be manually turned off to save energy\nTime-based port operation Link up or down based on user-defined schedule (when the port is administratively up)\nTime-based PoE PoE power can be on or off based on a user-defined schedule to save energy\nPersistent PoE Provides PoE power while the device is rebooting\nGeneralJumbo frames Frame sizes up to 9000 bytes. The default MTU is 2000 bytes\nMAC table 16,000 addresses\nChip guard Detects tampering attempts and responds during bootup\nBoot integrity Boot integrity visibility allows Cisco\'s platform identity and software integrity information to be visible and actionable\nDiscoveryBonjour The switch advertises itself using the Bonjour protocol\nLink Layer Discovery Protocol (LLDP) (802.1ab) with LLDP-Media Endpoint Discovery (MED) extensions LLDP allows the switch to advertise its identification, configuration, and capabilities to neighboring devices that store the data in a MIB. LLDP-MED is an enhancement to LLDP that adds the extensions needed for IP phones.\nCisco Discovery Protocol The switch advertises itself using the Cisco Discovery Protocol. It also learns the connected device and its characteristics via Cisco Discovery Protocol\nPower over Ethernet (PoE)802.3af PoE, 802.3at PoE+ (The following switches support 802.3at PoE+, 802.3af, and Cisco pre-standard (legacy) PoE. The total power available for PoE per switch is as follows) \nPower dedicated to PoE 67W\nNumber of ports that support PoE 8\nHardwarePower consumption (worst case) \nSystem power consumption 110V=13.04W

\n220V=13.33W\n

Power consumption (with PoE) 110V=87.89W

\n220V=84.86W\n

Heat dissipation (BTU/hr) 299.91\nIdle Power 110V=7.76W

\n220V=7.46W\n

Ports \nTotal system ports 10 x Gigabit Ethernet\nRJ-45 ports 8 x Gigabit Ethernet\nCombo ports (RJ-45 + Small Form-Factor Pluggable [SFP]) 2 x Gigabit Ethernet combo\nConsole port Cisco standard RJ-45 console port and USB Type C port\nUSB port USB Type C port on the front panel of the switch for easy file and image management as well as console port\nButtons Reset button\nCabling type Unshielded Twisted Pair (UTP) Category 5e or better for 1000BASE-T\nLEDs System, Link/Act, PoE, Speed\nFlash 512 MB\nCPU ARM dual-core at 1.4 GHz\nDRAM 1 GB DDR4\nPacket buffer All numbers are aggregate across all ports, as the buffers are dynamically shared:

\n1.5 MB\n

Supported SFP modules MGBSX1

\nMGBLX1\nMGBLH1\nMGBT1\nGLC-SX-MMD\nGLC-EX-SMD\nGLC-ZX-SMD\nGLC-LH-SMD\nGLC-BX-U\nGLC-BX-D\nGLC-TE\nCWDM-SFP-1470\nCWDM-SFP-1490\nCWDM-SFP-1510\nCWDM-SFP-1530\nCWDM-SFP-1550\nCWDM-SFP-1570\nCWDM-SFP-1590\nCWDM-SFP-1610\n

EnvironmentalUnit dimensions (W x D x H) 268 x 185 x 44 mm (10.56 x 7.28 x 1.73 in)\nUnit weight 1.72 kg (3.79 lb)\nPower 100-240V 50-60 Hz, external\nCertifications UL (UL 62368), CSA (CSA 22.2), CE mark, FCC Part 15 (CFR 47) Class A\nOperating temperature 23° to 122°F (-5° to 50°C)\nStorage temperature -13° to 158°F (-25° to 70°C)\nOperating humidity 10% to 90%, relative, noncondensing\nStorage humidity 10% to 90%, relative, noncondensing\nAcoustic noise and mean time between failures (MTBF) \nFAN (number)Fanless \nAcoustic noise N/A\nMTBF at 25°C (hours) 2,865,360\nWarranty Limited lifetime with return-to-factory replacement\nPackage contents Cisco Catalyst 1300 Series Switch\n Power adapter\n Mounting kit\n Pointer card\nMinimum requirements Web browser: Chrome, Firefox, Edge, Safari\n Category 5e Ethernet network cable\n TCP/IP, network adapter, and network operating system (such as Microsoft Windows, Linux, or Mac OS X) installed

\n ukryj opis