Power supply redundancy for nonstop operation, Robust security, Comprehensive management – Cisco 4948 Series User Manual

© 2006 Cisco Systems, Inc. All rights reserved.

Important notices, privacy statements, and trademarks of Cisco Systems, Inc. can be found on cisco.com.

Page 2 of 16

Power Supply Redundancy for Nonstop Operation

The Cisco Catalyst 4948 provides reliability for critical applications with 1 + 1 redundant hot-swappable internal AC or DC power supplies. The

1 + 1 power supply design provides A-to-B failover when power supplies are connected to different circuits. AC and DC power supplies can be

mixed in the same unit for maximum deployment flexibility. The Cisco Catalyst 4948 also has a hot-swappable fan tray with four redundant fans

for additional serviceability and availability.

Robust Security

Multiple server communities can be securely established on a single Cisco Catalyst 4948. The switch can isolate different Layer 2 community traffic

simultaneously, while conserving IP address space. In an unlikely event that a server is compromised, the Cisco Catalyst 4948 can prevent man-in-

the-middle and IP spoofing attacks to the rest of community with no change to the server configuration. Such attacks can be logged by the Cisco

Catalyst 4948 for auditing.

The Cisco Catalyst 4900 Series offers a rich set of integrated security features to proactively lock down your critical network infrastructure. It

reduces network security risks with a rich set of Network Admission Control (NAC) capabilities and 802.1x-based user authentication, authorization,

and accounting (AAA). The security policy enforcement is uncompromised with the wire-rate, dedicated access-control lists (ACLs) to fend off ever-

increasing virus and security attacks. The Cisco Catalyst 4900 Series offers powerful, easy-to-use tools to effectively prevent untraceable man-in-the-

middle attacks, control plane resource exhaustion, IP spoofing, and flooding attacks, without any change to the end-user or host configurations.

Secure remote access, file transfers, and network management are accomplished with the Secure Shell (SSH Version 1 and Version 2) Protocol,

Secure Copy Protocol (SCP), and Simple Network Management Protocol (SNMP) v3, respectively.

Network Admission Control (NAC) is a foundational component of the Cisco Self-Defending Network strategy, improving the network’s ability

to automatically identify, prevent, and respond to security threats. NAC enables the Cisco Catalyst switches to collaborate with third-party solutions

for security-policy compliance and enforcement before a host is permitted to access the network.

NAC performs posture validation at the Layer 2 network edge for hosts with or without 802.1x enabled. Vulnerable and noncompliant hosts can be

isolated, given reduced network access or directed to remediation servers based on organizational policy. By ensuring that every host complies with

security policy, organizations can significantly reduce the damage caused by infected hosts. NAC is available through standard software upgrades or

Cisco SMARTnet contracts on Cisco Catalyst switches.

Comprehensive Management

The Cisco Catalyst 4948 includes a single, dedicated 10/100 console port and a single, dedicated 10/100 management port for offline disaster

recovery. Remote in-band management is available with SNMP, Telnet client, BOOTP, and Trivial File Transfer Protocol (TFTP). Support for

local or remote out-of-band management is delivered through a terminal or modem attached to the console interface. The management port helps

enable the Cisco Catalyst 4948 to reload a new image from a TFTP server within seconds.

The Cisco Catalyst 4948 delivers a comprehensive set of management tools to provide the visibility and control required for server switching.

Managed with Cisco Works solutions and embedded Cisco View, the Cisco Catalyst 4948 can be configured and managed to deliver device, VLAN,

traffic, and policy management. These Web-based management tools offer numerous services, including software deployment and quick isolation of

error conditions.

SOFTWARE CONFIGURATION OPTIONS

Table 1 gives descriptions of the software configuration options for the Cisco Catalyst 4948.