CISCO SMALL BUSINESS 500 SERIES STACKABLE MANAGED SWITCHES: OVERVIEW
The Cisco 500 Series Stackable Managed Switches provide the ideal technology foundation for demanding business networks. They offer the perfect mix of advanced features needed to ensure the availability of critical applications.
Now you can protect business information and provide a solid foundation for your current business applications, as well as those you are planning for the future-all in a package you can afford.
Cisco 500 Series Stackable Managed Switches support:
High Reliability and Resiliency: Keep your network up and running with advanced redundancy and availability features that reduce downtime and improve network resiliency so your business never slows down. Strong Security: Advanced security features protect your business data and keep unauthorized users off your network. Power-Efficient: A variety of power-saving features across all models provide one of the industry`s most extensive energy-efficient switching portfolios. Simplified Network Setup and Operations: Intuitive browser-based tools, auto-configuration and discovery, and true stacking make theses switches easy to use and manage, and simplify day-to-day network operations. Peace of Mind: All Cisco 500 Series Switches are protected for the life of the product by the Cisco Limited Lifetime Hardware Warranty, including next-business-day advance replacement (where available).
Cisco 500 Series switches provide the advanced feature set that growing businesses require, and that high-bandwidth applications and technologies demand. • Ethernet Connectivity
◦ Choose from Fast Ethernet, Gigabit Ethernet and optional 10 Gigabit Ethernet connectivity
◦ Cisco 500 models offer one or five Gigabit Ethernet expansion slots, and the Cisco 500X models offer 10 Gigabit Ethernet expansion slots
◦ Power over Ethernet Plus (PoE+) provides up to 30 watts per port
• Advanced Features
◦ Strong security features such as access control lists (ACLs), guest virtual LANs (VLANs), encrypted management data, and other advanced network defense features safeguard customer networks
◦ IPv6 support allows you to move up to the next generation of networking applications and operating systems without an extensive equipment upgrade
◦ Quality of service (QoS) on all models prioritizes network traffic to keep critical network applications running at top performance
◦ Layer 3 static (500 models) and dynamic (500X models) IP routing provide advanced traffic management capabilities to segment networks
• Energy Efficiency and Design
◦ Power-saving technology, including Energy Efficient Ethernet, reduces power consumption with the ability to enter sleep mode, turn off unused ports, and adjust power as needed
◦ More ports per Gigabit Ethernet switch includes 28- and 52-port Gigabit Ethernet switches (instead of 20 or 44 ports with four shared ports, as in traditional devices)
• Management and Investment Protection
◦ Intuitive graphical interfaces, remote management capabilities, Textview command-line interface and automated deployment tools simplify setup and configuration
◦ Deploy an end-to-end voice network dynamically using a combination of Cisco Discovery Protocol (CDP), Link Layer Discovery Protocol-Media Endpoint Devices (LLDP-MED), Auto Smartports, and Voice Service Discovery Protocol (VSDP)
◦ All switches come with a limited lifetime warranty with next-business-day advance replacement (where available), limited lifetime warranty on fans and power supplies, free software fixes for the term of the warranty, and one year of technical support to protect your investment
CISCO SG500X-24P STACKABLE MANAGED SWITCH for SMALL BUSINESS
Capacitate de transfer ξn Milioane de Pachete/secundă: 130,95 MP/s (1 Pachet = 64 Byte);
Capacitate transfer date: 176,0 Gbiți/s
MTBF (mean time between failures)
Număr de ore: 132.225 = 5.509 zile = 15 ani
Temperatură test: 40°C
maxim 16.384 adrese MAC (16KB)
Frames up to 9K (9216) bytes in length.
Unshielded twisted pair (UTP) Category 5 or better; Fiber options (SMF and MMF); Coaxial SFP+ for stacking purposes
LED power savings, System, Link/Act, PoE, Speed
Layer 2 Switching - Data Link Layer*
Spanning Tree Protocol:
◦ Standard 802.1d Spanning Tree Support
◦ Fast convergence using 802.1w (Rapid Spanning Tree [RSTP]), enabled by default
◦ Multiple spanning tree instances using 802.1s (MSTP). 16 instances are supported
◦ Port grouping/link aggregation
◦ Support for IEEE 802.3ad Link Aggregation Control Protocol (LACP)
◦ Up to 32 groups
◦ Up to 8 ports per group with 16 candidate ports for each (dynamic) 802.3ad LAG
◦ Support for up to 4096 VLANs simultaneously
◦ Port-based and 802.1Q tag-based VLANs
◦ MAC-based VLAN
◦ Management VLAN
◦ PVE (Private VLAN Edge), also known as Protected Port, with multiple uplinks
◦ Guest VLAN
◦ Unauthenticated VLAN
◦ Protocol-based VLAN
◦ CPE VLAN
◦ Dynamic VLAN assignment via Radius server along with 802.1x client authentication
Voice VLAN - Voice traffic is automatically assigned to a voice-specific VLAN and treated with appropriate levels of QoS. Auto voice capabilities deliver network-wide zero touch deployment of voice endpoints and call control devices.
Multicast TV VLAN - Multicast TV VLAN allows the single multicast VLAN to be shared in the network while subscribers remain in separate VLANs. This feature is also known as Multicast VLAN Registration (MVR).
Q-in-Q - VLANs transparently cross over a service provider network while isolating traffic among customers.
GVRP/GARP - Generic VLAN Registration Protocol (GVRP) and Generic Attribute Registration Protocol (GARP) enable automatic propagation and configuration of VLANs in a bridged domain.
DHCP Relay at Layer 2 - Relay of DHCP traffic to DHCP server in a different VLAN. Works with DHCP Option 82.
IGMP (versions 1, 2, and 3) snooping - Internet Group Management Protocol (IGMP) limits bandwidth-intensive multicast traffic to only the requesters; supports 1K (1024) and 4K (for SG500X in native mode) multicast groups (source-specific multicasting is also supported).
IGMP querier - IGMP querier is used to support a Layer 2 multicast domain of snooping switches in the absence of a multicast router.
HOL blocking - Head-of-line (HOL) blocking.
Layer 3 - Network
◦ Wirespeed routing of IPv4 packets
◦ Up to 2K (2048) static routes and up to 256 IP interfaces
Wirespeed IPv6 Static Routing - Up to 2K (2048) static routes and up to 128 IPv6 interfaces
CIDR - Support for Classless Inter-Domain Routing
RIP v2 (on 500X) - Support for Routing Information Protocol version 2, for dynamic routing
VRRP (on 500X) - Virtual Router Redundancy Protocol (VRRP) delivers improved availability in a Layer 3 network by providing redundancy of the default gateway servicing hosts on the network. VRRP versions 2 and 3 are supported. Up to 255 virtual routers are supported.
DHCP Server - Switch functions as an IPv4 DHCP Server serving IP addresses for multiple DHCP pools/scopes
DHCP Relay at Layer 3 - Relay of DHCP traffic across IP domains.
User Datagram Protocol (UDP) Relay - Relay of broadcast information across Layer 3 domains for application discovery or relaying of BOOTP/DHCP packets.
Hardware stack - Up to 8 units in a stack. Up to 416 ports managed as a single system with hardware failover.
High availability - Fast stack failover delivers minimal traffic loss.
Plug-and-play stacking configuration/management:
◦ Master/backup for resilient stack control
◦ Hot swap of units in stack
◦ Ring and chain stacking options
◦ Auto stacking port speed
◦ Flexible stacking port options
High-speed stack interconnects - Cost-effective 5G copper and high-speed 10G Fiber and Copper interfaces.
Hybrid stack - A mix of SF500, SG500, and SG500X in the same stack (10/100, Gigabit, and 10 Gigabit).
Secure Shell (SSH) Protocol - SSH is a secure replacement for Telnet traffic. SCP also uses SSH. SSH v1 and v2 are supported
Secure Sockets Layer (SSL) - SSL support: Encrypts all HTTPS traffic, allowing highly secure access to the browser-based management GUI in the switch
IEEE 802.1X :
◦ 802.1X: RADIUS authentication and accounting, MD5 hash; guest VLAN; unauthenticated VLAN, single/multiple host mode and single/multiple sessions
◦ Supports time-based 802.1X
◦ Dynamic VLAN assignment
STP Bridge Protocol Data Unit (BPDU) Guard - A security mechanism to protect the network from invalid configurations. A port enabled for BPDU Guard is shut down if a BPDU message is received on that port.
STP Root Guard - This prevents edge devices not in the network administrator,s control from becoming Spanning Tree Protocol root nodes.
DHCP snooping - Filters out DHCP messages with unregistered IP addresses and/or from unexpected or untrusted interfaces. This prevents rogue devices from behaving as a DHCP Server.
IP Source Guard (IPSG) - When IP Source Guard is enabled at a port, the switch filters out IP packets received from the port if the source IP addresses of the packets have not been statically configured or dynamically learned from DHCP snooping. This prevents IP Address Spoofing.
Dynamic ARP Inspection (DAI) - The switch discards ARP packets from a port if there is no static or dynamic IP/MAC bindings or if there is a discrepancy between the source or destination address in the ARP packet. This prevents man-in-the-middle attacks.
IP/Mac/Port Binding (IPMB) - The features (DHCP Snooping, IP Source Guard, and Dynamic ARP Inspection) above work together to prevent DOS attacks in the network, thereby increasing network availability.
Secure Core Technology (SCT) - Ensures that the switch will receive and process management and protocol traffic no matter how much traffic is received.
Secure Sensitive Data (SSD) - A mechanism to manage sensitive data (such as passwords, keys, etc) securely on the switch, populating this data to other devices, and secure autoconfig. Access to view the sensitive data as plaintext or encrypted is provided according to the user configured access level and the access method of the user.
Layer 2 isolation Private VLAN Edge (PVE) with community VLAN - PVE (also known as protected ports) provides Layer 2 isolation between devices in the same VLAN, supports multiple uplinks.
Port security - The ability to lock Source MAC addresses to ports, and limits the number of learned MAC addresses.
RADIUS/TACACS+ - Supports RADIUS and TACACS authentication. Switch functions as a client.
Storm control - Broadcast, multicast, and unknown unicast
RADIUS accounting - The RADIUS accounting functions allow data to be sent at the start and end of services, indicating the amount of resources (such as time, packets, bytes, and so on) used during the session.
DoS prevention - Denial-of-Service (DOS) attack prevention
Congestion avoidance - A TCP congestion avoidance algorithm is required to minimize and prevent global TCP loss synchronization.
◦ Support for up to 512 rules
◦ Drop or rate limit based on source and destination MAC, VLAN ID or IP address, protocol, port, differentiated services code point (DSCP)/IP precedence, TCP/ UDP source and destination ports, 802.1p priority, Ethernet type, Internet Control Message Protocol (ICMP) packets, IGMP packets, TCP flag, Time-based ACLs supported.
Quality of Service
Priority levels - 8 hardware queues
Scheduling - Strict Priority and weighted round-robin (WRR)
Rate limiting - Ingress policer; egress shaping and ingress rate control; per VLAN, per port, and flow based
Class of service :
◦ Port based;
◦ 802.1p VLAN priority based;
◦ IPv4/v6 IP precedence/ToS/DSCP based;
◦ Classification and re-marking ACLs;
◦ Trusted QoS;
◦ Queue assignment based on differentiated services code point (DSCP) and class of service (802.1p/CoS).
IPv6 host mode
IPv6 over Ethernet
Dual IPv6/IPv4 stack
IPv6 neighbor and router discovery (ND)
IPv6 stateless address auto-configuration
Path maximum transmission unit (MTU) discovery
Duplicate address detection (DAD)
ICMP version 6
IPv6 over IPv4 network with Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) support
USGv6 and IPv6 Gold Logo certified
IPv6 QoS - Prioritize IPv6 packets in hardware
IPv6 ACL - Drop or rate limit IPv6 packets in hardware
Multicast Listener Discovery (MLD v1/2) snooping - Deliver IPv6 multicast packets only to the required receivers
IPv6 applications: Web/SSL, Telnet server/SSH, ping, traceroute, Simple Network Time Protocol (SNTP), Trivial File Transfer Protocol (TFTP), SNMP, RADIUS, syslog, DNS client, Telnet Client, DHCP Client, DHCP Autoconfig, IPv6 DHCP Relay, TACACS
IPv6 RFCs supported : ▪ RFC 4443 (which obsoletes RFC2463) - ICMP version 6, ▪ RFC 4291 (which obsoletes RFC 3513) - IPv6 address architecture, ▪ RFC 4291 - IPv6 addressing architecture, ▪ RFC 2460 - IPv6 specification, ▪ RFC 4861 (which obsoletes RFC 2461) - Neighbor discovery for IPv6, ▪ RFC 4862 (which obsoletes RFC 2462) - IPv6 stateless address auto-configuration, ▪ RFC 1981 - Path MTU discovery, ▪ RFC 4007 - IPv6 scoped address architecture, ▪ RFC 3484 - Default address selection mechanism, ▪ RFC 5214 (which obsoletes RFC 4214) - ISATAP tunneling, ▪ RFC 4293 - MIB IPv6: Textual conventions and general group, ▪ RFC 3595 - Textual conventions for IPv6 flow label.
Web user interface - Built-in switch configuration utility for easy browser-based device configuration (HTTP/HTTPS). Supports configuration, system dashboard, system maintenance and monitoring.
SNMP - SNMP versions 1, 2c, and 3 with support for traps, and SNMP v3 User-based Security Model (USM)
Standard MIB (vezi: data book)
Private MIBs (vezi: data book)
RMON - Embedded RMON software agent supports 4 RMON groups (history, statistics, alarms, and events) for enhanced traffic management, monitoring, and analysis
IPv4 and IPv6 Dual Stack
Firmware upgrade :
◦ Web browser upgrade (HTTP/HTTPS) and TFTP and SCP
◦ Upgrade can be initiated through console port as well
◦ Dual images for resilient firmware upgrades
Port mirroring - Traffic on a port can be mirrored to another port for analysis with a network analyzer or RMON probe. Up to 8 source ports can be mirrored to one destination port.
VLAN mirroring - Traffic from a VLAN can be mirrored to a port for analysis with a network analyzer or RMON probe. Up to 8 source VLANs can be mirrored to one destination port.
DHCP (Options 12, 66, 67, 82, 129, and 150) - DHCP options facilitate tighter control from a central point (DHCP Server), to obtain IP address, auto configuration (with configuration file download), DHCP Relay, and host name.
Auto configuration with Secure Copy (SCP) file download - Enables secure mass deployment with protection of sensitive data.
Text-editable configs - Config files can be edited with a text editor and downloaded to another switch, facilitating easier mass deployment.
Smartports - Simplified configuration of QoS and security capabilities.
Auto Smartports - Automatically applies the intelligence delivered through the Smartports roles to the port based on the devices discovered over Cisco Discovery Protocol or LLDP-MED. This facilitates zero touch deployments.
Secure Copy (SCP) - Securely transfer files to and from the switch.
Textview CLI - Scriptable CLI. A full CLI as well as a menu CLI is supported.
Cloud Services - Support for Cisco Small Business and Cisco OnPlus.
Localization - Localization of GUI and documentation into multiple languages.
Login banner - Configurable login banners for web as well as CLI.
Time-based port operation - Link up or down based on user-defined schedule (when the port is administratively up).
Other management - Traceroute; single IP management; HTTP/HTTPS; SSH; RADIUS; port mirroring; TFTP upgrade; DHCP client; BOOTP; Simple Network Time Protocol (SNTP); Xmodem upgrade; cable diagnostics; Ping; syslog; Telnet client (SSH secure support); Automatic time settings from Management Station.
Supported Small Form-Factor Pluggable (SFP) Modules
Conexiune Switch Tip 500 cu 500:
◦ 5G copper - SFP-H10GB-CUxM
◦ 1G fiber or copper - MGBxxx
◦ 1G Base-T - embedded RJ45 (S1/S2)
Conexiune Switch Tip 500 cu 500X:
◦ 5G copper - SFP-H10GB-CUxM
◦ 1G fiber or copper - MGBxxx
Conexiune Switch Tip 500X cu 500X:
◦ 10G copper - SFP-H10GB-CUxM
◦ 10G Fiber - SFP-10G-xx
◦ 1G fiber or copper - MGBxxx.
Link Layer Discovery Protocol (LLDP) (802.1ab) with LLDP-MED extensions - LLDP allows the switch to advertise its identification, configuration, and capabilities to neighboring devices, which store the data in an MIB. LLDP-MED is an enhancement to LLDP that adds the extensions needed for IP phones.
Cisco Discovery Protocol - The switch advertises itself using the Cisco Discovery Protocol
Bonjour - The switch advertises itself using the Bonjour protocol.
Power over Ethernet (PoE)
Switches support 802.2af, 802.3at, and Cisco pre-standard (legacy) PoE.
Maximum power of 30W to any 10/100 or Gigabit base port until the PoE budget for the switch is reached.
The total power available for PoE per switch is: 375 W.
EEE Compliant (802.3az) - Supports on all copper GE ports (SG300 models).
◦ Automatically turns off power on Gigabit Ethernet RJ-45 port when the switch detects a link down
◦ Active mode is resumed without loss of any packets when the switch detects the link is back up
Cable length detection - Adjusts the signal strength based on the cable length. Reduces the power consumption for cables shorter than 10 m.
Disable port LEDs - LEDs can be manually turned off to save on Energy.
Power Savings Mode
EEE + Short Reach + Energy Detect
Web browser: Mozilla Firefox version 2.5 or later; Microsoft Internet Explorer version 6 or later
Category 5 Ethernet network cable
TCP/IP, network adapter, and network operating system (such as Microsoft Windows, Linux, or Mac OS X) installed on each computer in the network
Interfața Consola RS232 (9 pini) - Pentru configurare se conectează prin cablu serial la un calculator PC.
Se utilizează un program de emulare pentru terminal - Hyper Terminal (Microsoft), Telnet sau SSH.
POWER SUPPLY, ENVIRONMENT & DIMENSIONS
Power supply type
AC input current
Power consumption with PoE
52,2 dB la 40°C
0° ~ 40°C
-20° ~ 70°C
10 ~ 90% - (fără condensare)
3 buc. / 9.500 rpm (control turatie)
Equipment dimensions (w x h x d)
440 x 44,45 x 350 mm
Cisco 500 / 500X Series Stackable Managed Switch;
Rack mounting Kit included in all SKUs;
CD-ROM with user documentation (PDF) included
Quick Start Guide
Port Combo - Port Gigabit Ethernet combinat cu un port Mini-GBIC (numit și SFP), care utilizează aceeași interfață și număr de port. Practic este un singură interfață (port fizic) proiectată cu două tipuri de conexiuni, una pentru cablu, alta pentru fibră optică. Cele două conexiuni nu pot funcționa simultan;
OSI - Open Systems Interconnection (ISO/IEC 7498-1);
OSI Model - Open Systems Interconnection Model: este un model conceptual care caracterizează și standardizează funcțiile interne ale unui sistem de comunicații prin divizare ξn straturi (layers) funcționale. Ξn cazul nostru: 1. Physical layer 2. Data link layer 3. Network layer 4. Transport layer 5. Session layer 6. Presentation layer 7. Application layer;
QoS - Quality of Service - Calitatea serviciului se referă la mai multe aspecte legate de telefonie și rețele de calculatoare care permit transportul informațiilor cu cerințe speciale. Au fost dezvoltate tehnologii multiple pentru a permite rețelelor de calculatoare să devină la fel de utile ca rețelele de telefonie atβt pentru comunicații audio cβt și pentru noile aplicații cu cerințe dedicate serviciilor.;
SFP - Small Form-factor Pluggable (SFP) - Format Mic Conectabil, modul pentru transferul informației pe fibră optică și metodă de efectuare a comunicațiilor optice;
Stackable Switch - Un Switch stackable (lucrează ξn stivă) este un switch de rețea complet funcțional ce operează independent , dar care poate fi de asemenea, configurat pentru a funcționa ξmpreună cu unul sau mai multe alte switch-uri stackable. Acestea formează un grup de switch-uri ce prezintă caracteristicile unui singur echipament, avβnd capacitatea funcțională determinată de suma și caracteristicile porturilor existente ξn grup.