The following are the Cisco recommended Access Layer switches:
Catalyst 2950: For less than 50 users 10/100BaseT; 100BaseFX or 1000Base-X uplinks
Catalyst 3550: For less than 50 users 10/100BaseT; 1000Base-X uplinks;Advanced QOS, Inline power
Catalyst 4000/4500: For 250+ users 10/100/1000Base-T; 1000Base-X uplinks; Advanced QOS, Inline power.
Note that Catalyst 4000/4500 Supervisor III and IV support Cisco IOS.
Given below are some Access Layer switches available from Cisco :
1. Model: 2960-X
Max Port Density:384 (Up to 8 48-port switches in a stack)
Uplinks: 2 10GE or 4 1 Gigabit Ethernet per switch
Max Backplane Speed: 80 Gbps
Power over Ethernet: PoE+
2. Model: 3650
Max Port Density: 432 (Up to 9 48-port switches in a stack)
Uplinks: 2 Gigabit Ethernet or 4 10GE
Max Backplance Speed: 160 Gbps
Others: Full-featured routing available, integrated wireless controller, PoE+
3. Model: 3850
Max Port Density: 432 (Up to 9 48-port switches in a stack)
Uplinks: 4 Gigabit Ethernet, 4 10GE
Max Backplane Speed: 480 Gbps
Others: Full-featured routing available, integrated wireless controller,
Power Over Ethernet: PoE+, UpoE
4. Model: 4500E
Port Density: 384 (Up to 8 48-port modules per chassis)
Uplinks: Up to 12-port 10GE per module
Max Backplance Speed: 928 Gbps
Other Features: Dual supervisors, full-featured routing available, integrated wireless controller
Power Over Ethernet: PoE+, UpoE
For the given requirement, 2960-X is the appropriate answer. It will also have RIP and OSPF available for routed access. 4500-X, 6807-XL are recommended for Distribution/Core Layers. 3850 model is also an Access Layer switch, but with higher performance parameters.
Recommended Distribution and Core Layer in a campus wide network:
Model: 4500-X
Max Port Density: 80 10GE
Max Backplane: 1.6 Tbps
Others: Dual-chassis Virtual Switching System (VSS), redundancy
Model: 4500E
Max Port Density: 96 10GE or 384 Gigabit Ethernet
Max Backplane: 928 Gbps
Others: Dual supervisors
Model: 6807-XL
Max Port Density: 40 40Gbps, 160 Gigabit Ethernet, 480 Gigabit Ethernet
Max Backplane: 22.8 Tbps
Others: Dual supervisor, dual-chassis VSS, redundancy
2960-X and 3650 are access layer switches and high port density of 384 ports and 432 ports respectively.
The following Line Mode configuration options are available on a 1900/2800 or 2900XL series switches:
1. Auto: The port is put into auto negotiation mode. This is the default for 100baseTX ports. Available only on 100baseTX ports.
2. Full: Puts the port into full duplex mode. Available both on 10BaseTX and 100BaseTX
3. Full-flow-control: Puts the 100BaseTX port into full duplex mode with flow control. Available only on 100BaseTX ports.
4. Half: Puts the port into half-duplex mode. Available both on 10BaseTX and 100BaseTX.
The following are the Cisco recommended security measures for controlling access to a campus network:
1. Access Layer: This is the layer at which users log into the network and access network resources. The recommended security measures at Access Layer are:
2. Distribution Layer: The security at distribution layer is implemented by using Access Policies. These in turn make use of Access Control Lists. There are two types of IP access lists:
In addition to security, Distribution layer is responsible for sending only the data that need to reach the Core Layer. This not only achieves security, but also makes sure that Core Layer is not burdened with unnecessary traffic. This is achieved by applying Access Control Lists.
Core Layer Security: Core layer is responsible for transmitting data efficiently. For this reason, Cisco recommends that there is little or no policy at Core layer.
Cisco recommends that management VLAN (VLAN 1) be moved to another VLAN. Another way to handle the problem is to disable the ports that are not being used, and secure physical access to the networking devices
