EasyManuals Logo
Home>Cisco>Wireless Router>3750G - Catalyst Integrated Wireless LAN Controller

Cisco 3750G - Catalyst Integrated Wireless LAN Controller User Manual

Cisco 3750G - Catalyst Integrated Wireless LAN Controller
1204 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #60 background imageLoading...
Page #60 background image
1-8
Catalyst 3750 Switch Software Configuration Guide
OL-8550-02
Chapter 1 Overview
Features
Security Features
The switch ships with these security features:
• Web authentication to allow a supplicant (client) that does not support IEEE 802.1x functionality to
be authenticated using a web browser
• MAC authentication bypass (MAB) aging timer to detect inactive hosts that have authenticated after
they have authenticated by using MAB
• Password-protected access (read-only and read-write access) to management interfaces (device
manager, Network Assistant, and the CLI) for protection against unauthorized configuration
changes
• Multilevel security for a choice of security level, notification, and resulting actions
• Static MAC addressing for ensuring security
• Protected port option for restricting the forwarding of traffic to designated ports on the same switch
• Port security option for limiting and identifying MAC addresses of the stations allowed to access
the port
• Port security aging to set the aging time for secure addresses on a port
• BPDU guard for shutting down a Port Fast-configured port when an invalid configuration occurs
• Standard and extended IP access control lists (ACLs) for defining security policies in both directions
on routed interfaces (router ACLs) and VLANs and inbound on Layer 2 interfaces (port ACLs)
• Extended MAC access control lists for defining security policies in the inbound direction on Layer 2
interfaces
• VLAN ACLs (VLAN maps) for providing intra-VLAN security by filtering traffic based on
information in the MAC, IP, and TCP/UDP headers
• Source and destination MAC-based ACLs for filtering non-IP traffic
• IPv6 ACLs to be applied to interfaces to filter IPv6 traffic:
• DHCP snooping to filter untrusted DHCP messages between untrusted hosts and DHCP servers
• IP source guard to restrict traffic on nonrouted interfaces by filtering traffic based on the DHCP
snooping database and IP source bindings
• Dynamic ARP inspection to prevent malicious attacks on the switch by not relaying invalid ARP
requests and responses to other ports in the same VLAN
• IEEE 802.1Q tunneling so that customers with users at remote sites across a service-provider
network can keep VLANs segregated from other customers and Layer 2 protocol tunneling to ensure
that the customer’s network has complete STP, CDP, and VTP information about all users
• Layer 2 point-to-point tunneling to facilitate the automatic creation of EtherChannels
• Layer 2 protocol tunneling bypass feature to provide interoperability with third-party vendors
• IEEE 802.1x port-based authentication to prevent unauthorized devices (clients) from gaining
access to the network. These features are supported:
–
Multidomain authentication (MDA) to allow both a data device and a voice device, such as an
IP phone (Cisco or non-Cisco), to independently authenticate on the same IEEE 802.1x-enabled
switch port
–
VLAN assignment for restricting IEEE 802.1x-authenticated users to a specified VLAN
–
Port security for controlling access to IEEE 802.1x ports

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco 3750G - Catalyst Integrated Wireless LAN Controller and is the answer not in the manual?

Cisco 3750G - Catalyst Integrated Wireless LAN Controller Specifications

General IconGeneral
BrandCisco
Model3750G - Catalyst Integrated Wireless LAN Controller
CategoryWireless Router
LanguageEnglish

Related product manuals