Product specifications

ManualsBrandsCisco ManualsComputer equipmentCatalyst Series Switch 2940

Feature Benefit

Superior Redundancy for

Fault Backup



IEEE 802.1D Spanning

Tree Protocol



IEEE 802.1w Rapid Spanning

Tree Protocol



Per-VLAN Rapid Spanning

Tree Plus (PVRST+)



PortFast



UniDirectional Link Detection

(UDLD) and Aggressive UDLD



Switchport Autorecovery



BPDU Guard



Spanning Tree Root Guard

(STRG)



UplinkFast/BackboneFast



Ensures loop-free networks simplifies network configuration and improves fault tolerance.



Provides rapid spanning tree convergence independent of spanning tree timers and the benefit of

distributed processing.



Allows rapid spanning tree re-convergence on a per-VLAN spanning tree basis, without requiring the

implementation of spanning tree instances.



Transitions a port directly to forwarding state after linkup, allowing users to connect to the network in 2-3 seconds,

rather than waiting ~50 seconds for spanning tree to resolve.



Unidirectional links automatically detected and disabled to avoid problems such as spanning tree loops;

Aggressive Mode automatically retries the link periodically to see if it has returned to bidirectional.



Automatically attempts to re-enable a link that is disabled due to a network error (also known as

"errdisable recovery").



Shuts down Spanning-Tree Protocol PortFast-enabled interfaces when Bridge Protocol Data Units (BPDUs) are

received to avoid accidental topology loops.



Prevents edge devices not in the network administrator's control from becoming Spanning Tree Protocol root

nodes.



Ensure quick fail-over recovery enhancing overall network stability and reliability.

Bandwidth Availability



Per-port broadcast, multicast,

and unicast storm control



Per VLAN Spanning Tree Plus

(PVST+)



IEEE 802.1s Multiple Spanning

Tree Protocol (MSTP)



VLAN Trunking Protocol (VTP)

pruning



Internet Group Management

Protocol (IGMP) Snooping



IGMP immediate-leave

processing



Multicast VLAN Registration

(MVR)



Prevents faulty end stations from degrading overall systems performance.



Allows for Layer 2 load sharing on redundant links to utilize the full capacity of a redundant design.



Allows a spanning tree instance per VLAN, enabling Layer 2 load sharing on redundant links.



Limits bandwidth consumption on VTP trunks by limiting broadcast traffic only to trunk links required to reach the

destination devices.



Provides bandwidth-intensive multicast traffic to only the requestors, rather than flooding all ports. Support for

IGMP version 1 and 2.



Faster than normal multicast leave processing, this prunes out unnecessary multicast traffic immediately after a

leave request.



Allows multicast streams in a single networkwide multicast VLAN while subscribers remain in separate VLANs for

bandwidth and security reasons.

Quality of Service/Control

Advanced Quality of Service



Honor 802.1p class of

service (CoS)



Mark/override 802.1P CoS

per port



4 egress queues per port



Weighted Round Robin (WRR)

scheduling



Strict Priority scheduling



Ability to prioritize traffic and put it in different queues.



Network administrator can enforce QoS policies, and prevent users from abusing QoS settings.



Enables network traffic to be put into 4 different queues, depending on the CoS priority.



High priority queues can be allocated more time to send traffic. However, WRR also ensures lower priority queues

are not neglected.



Guarantees that the highest-priority packets are serviced ahead of all other traffic. Particularly useful

for time-sensitive applications like voice over IP.

Security

Network Management Security



VLAN1 minimization



TACACS+ and RADIUS

Authentication



Multilevel management levels



Secure Shell v2



Allows VLAN1 to be disabled on any individual VLAN trunk link.



Terminal Access Controller Access Control System Plus (TACACS+) and Remote Authentication Dial-In User

Service (RADIUS) authentication enable centralized control of switch administration and management.



Allows for 15 levels of switch management authorization, ranging from read-only to full read/write capabilities.



SSHv2 provides network security by encrypting administrator traffic during Telnet sessions. SSHv2 requires a

special cryptographic software image because of U.S. export restrictions.

Network Edge Security



IEEE 802.1x



IEEE 802.1x with VLAN

assignment



IEEE 802.1x with Guest VLAN



IEEE 802.1x and port security



IEEE 802.1x with voice VLAN



Private VLAN Edge



SPAN for IDS



MAC address notification



Allows dynamic, port-based security, providing user authentication.



Allows a dynamic VLAN assignment for a specific user regardless of where the user is connected.



Allows guests without 802.1x clients to have limited network access on the guest VLAN.



Provided to authenticate the port and manage network access for all MAC addresses, including those of the

client.



Permits an IP phone to access the voice VLAN irrespective of the authorized or unauthorized state of the port.



Provides security and isolation between switch ports, which helps ensure that users cannot snoop on other users'

traffic.



Bidirectional data support on the Switched Port Analyzer (SPAN) port allows Cisco Secure Intrusion Detection

System (IDS) to take action when an intruder is detected.



Allows administrators to be notified of users added to or removed from the network. Good for tracking location of