Cisco SMB SF350-48P-K9-UK 48 Port Ethernet PoE+ Switch
The Cisco SF350-48P-K9-UK is a 48-Port Layer 3 Managed Fast Ethernet PoE+ Switch, part of the Cisco Small Business line of network solutions, a portfolio of affordable managed switches that provides a reliable foundation for your business network.
Cisco SF350-48P-K9-UK Key Features
- 48 x 10/100 Fast Ethernet RJ45 ports with two 2 x combo mini-GBIC ports
- Includes two 2 x 10/100/1000 Gigabit Cooper ports.
- Includes Power over Ethernet (PoE+) functionality.
- Supports Textview, a full command-line interface (CLI).
- Includes support for Simple Network Management Protocol (SNMP).
- Support for the Energy Efficient Ethernet (IEEE 802.3az) standard.
- Provides performance and advanced traffic-handling intelligence.
- Private VLAN Edge (PVE) provides Layer 2 isolation between devices.
- Simple-to-use graphical interfaces to help reduce deployment time.
- Embedded Secure Sockets Layer (SSL) encryption to protect management data.
- Advanced network security applications including dynamic Address Resolution Protocol (ARP).
This Cisco SF350-48P Fast Ethernet switch delivers the features you need to improve the availability of your critical business applications, protect your sensitive information, and optimize your network bandwidth to deliver information and applications more effectively. Easy to set up and use, this Cisco SF350-48P Fast Ethernet switch provides the ideal combination of affordability and capabilities for small businesses and helps you create a more efficient, better-connected workforce.
hether you need a basic high-performance network to connect employee computers or a solution to deliver data, voice, and video services, this Cisco SF350-48P switch offers a solution to meet your needs. Possible deployment scenarios include:
Secure desktop connectivity
This Cisco SF350-48P can simply and securely connect employees working in small offices with each other and with all of the servers, printers, and other devices they use. High performance and reliable connectivity help speed file transfers and data processing, improve network uptime, and keep your employees connected and productive.
Secure wireless connectivity
With its advanced security features, Power over Ethernet, Auto Smartports, QoS, VLAN, and access control features, this Cisco SF350-48P switch is the perfect foundation to add business-grade wireless to a business network.
Unified communications
As a managed network solution, this Cisco SF350-48P switch provides the performance and advanced traffic-handling intelligence you need to deliver all communications and data over a single network. Cisco offers a complete portfolio of IP telephony and other unified communications products designed for businesses. This Cisco SF350-48P switch has been rigorously tested to help ensure easy integration and full compatibility with these and other products, providing a complete business solution.
Highly secure guest connectivity
This Cisco SF350-48P switch lets you extend highly secure network connectivity to guests in a variety of settings, such as a hotel, an office waiting room, or any other area open to nonemployee users. Using powerful but easy-to-configure security and traffic segmentation capabilities, you can isolate your vital business traffic from guest services and keep guests’ network sessions private from each other.
Cisco SF350-48P-K9-UK - Technical Specifications
Performance
- Capacity in Millions of Packets per Second (mpps) (64-byte packets): 13.10
- Switching Capacity in Gigabits per Second (Gbps): 17.6
- USB slot: for file-management purposes
Layer 2 Switching
- Spanning Tree Protocol:
- Standard 802.1d Spanning Tree support
- Fast convergence using 802.1w (Rapid Spanning Tree [RSTP]), enabled by default
- 8 instances are supported
- Multiple Spanning Tree instances using 802.1s (MSTP)
- Port grouping:
- Support for IEEE 802.3ad Link Aggregation Control Protocol (LACP)
- Up to 8 groups
- Up to 8 ports per group with 16 candidate ports for each (dynamic) 802.3ad link aggregation
- VLAN:
- Support for up to 4096 VLANs simultaneously
- Port-based and 802.1Q tag-based VLANs
- MAC-based VLAN
- Management VLAN
- Private VLAN Edge (PVE), also known as protected ports, with multiple uplinks
- Guest VLAN
- Unauthenticated VLAN
- Dynamic VLAN assignment via RADIUS server along with 802.1x client authentication
- CPE VLAN
- Voice VLAN:
- Voice traffic is automatically assigned to a voice-specific VLAN and treated with appropriate levels of QoS.
- Auto voice capabilities deliver networkwide zero-touch deployment of voice endpoints and call control devices.
- Multicast TV VLAN: Multicast TV VLAN allows the single multicast VLAN to be shared in the network while subscribers remain in separate VLANs (also known as MVR)
- Q-in-Q VLAN: VLANs transparently cross a service provider network while isolating traffic among customers
- Generic VLAN Registration Protocol (GVRP)/Generic Attribute Registration Protocol (GARP): Protocols for automatically propagating and configuring VLANs in a bridged domain
- Unidirectional Link Detection (UDLD): UDLD monitors physical connection to detect unidirectional links caused by incorrect wiring or cable/port faults to prevent forwarding loops and blackholing of traffic in switched networks
- Dynamic Host Configuration Protocol (DHCP) Relay at Layer 2: Relay of DHCP traffic to DHCP server in different VLAN; works with DHCP Option 82
- Internet Group Management Protocol (IGMP) versions 1, 2, and 3 snooping: IGMP limits bandwidth-intensive multicast traffic to only the requesters; supports 1K multicast groups (source-specific multicasting is also supported)
- IGMP Querier: IGMP querier is used to support a Layer 2 multicast domain of snooping switches in the absence of a multicast router
- Head-of-line (HOL) blocking: HOL blocking prevention
- Jumbo frames: Up to 9K (9216) bytes
Layer 3
- IPv4: Wirespeed routing of IPv4 packets, Up to 512 static routes and up to 128 IP interfaces
- Classless Interdomain Routing (CIDR): Support for CIDR
- Layer 3 Interface:
- Configuration of Layer 3 interface on physical port, LAG, VLAN interface, or loopback interface
- DHCP relay at Layer 3
- Relay of DHCP traffic across IP domains
- User Datagram Protocol (UDP) relay: Relay of broadcast information across Layer 3 domains for application discovery or relaying of bootP/DHCP packets
- DHCP Server: Switch functions as an IPv4 DHCP server serving IP addresses for multiple DHCP pools/scopes, Support for DHCP options
Security
- Secure Shell (SSH) Protocol: SSH is a secure replacement for Telnet traffic. SCP also uses SSH. SSH v1 and v2 are supported
- Secure Sockets Layer (SSL): SSL support: Encrypts all HTTPS traffic, allowing highly secure access to the browser-based management GUI in the switch
- IEEE 802.1X (Authenticator role): 802.1X: RADIUS authentication and accounting, MD5 hash; guest VLAN; unauthenticated VLAN, single/multiple host mode and single/multiple sessions, Supports time-based 802.1X, Dynamic VLAN assignment
- Web based authentication provides network admission control through web browser to any host devices and operating systems.
- STP Bridge Protocol Data Unit (BPDU) Gaurd: A security mechanism to protect the network from invalid configurations. A port enabled for BPDU Guard is shut down if a BPDU message is received on that port.
- STP Root Gaurd: This prevents edge devices not in the network administrator’s control from becoming Spanning Tree Protocol root nodes.
- DHCP snooping: Filters out DHCP messages with unregistered IP addresses and/or from unexpected or untrusted interfaces. This prevents rogue devices from behaving as DHCP Servers
- IP Source Guard (IPSG): When IP Source Guard is enabled at a port, the switch filters out IP packets received from the port if the source IP addresses of the packets have not been statically configured or dynamically learned from DHCP snooping. This prevents IP Address Spoofing
- Dynamic ARP Inspection (DAI): The switch discards ARP packets from a port if there are no static or dynamic IP/MAC bindings or if there is a discrepancy between the source or destination addresses in the ARP packet. This prevents man-in-the-middle attacks
- IP/MAC/Port Binding (IPMB): The preceding features (DHCP Snooping, IP Source Guard, and Dynamic ARP Inspection) work together to prevent DOS attacks in the network, thereby increasing network availability
- Secure Core Technology: Makes sure that the switch will receive and process management and protocol traffic no matter how much traffic is received
- Secure sensitive data: A mechanism to manage sensitive data (such as passwords, keys, and so on) securely on the switch, populating this data to other devices, and secure autoconfig. Access to view the sensitive data as plaintext or encrypted is provided according to the user-configured access level and the access method of the user
- Layer 2 isolation Private VLAN Edge (PVE) with community VLAN: PVE (also known as protected ports) provides Layer 2 isolation between devices in the same VLAN, supports multiple uplinks
- Port Security:The ability to lock source MAC addresses to ports and limits the number of learned MAC addresses
- RADIUS/TACACS+: Supports RADIUS and TACACS authentication. Switch functions as a client
- Storm Control: Broadcast, multicast, and unknown unicast
- RADIUS accounting: The RADIUS accounting functions allow data to be sent at the start and end of services, indicating the amount of resources (such as time, packets, bytes, and so on) used during the session
- DoS prevention: Denial-Of-Service (DOS) attack prevention
- ACLs: Support for up to 512 rules, Drop or rate limit based on source and destination MAC, VLAN ID or IP address, protocol, port, Differentiated Services Code Point (DSCP)/IP precedence, TCP/UDP source and destination ports, 802.1p priority, Ethernet type, Internet Control Message Protocol (ICMP) packets, IGMP packets, TCP flag, time-based ACLs supported
Quality of Service
- Priority levels: 8 hardware queues
- Scheduling: Strict priority and Weighted Round-Robin (WRR), Queue assignment based on DSCP and class of service (802.1p/CoS)
- Class of Service: Port based; 802.1p VLAN priority based; IPv4/v6 IP precedence/Type of Service (ToS)/DSCP based; Differentiated Services (DiffServ); classification and remarking ACLs, trusted QoS
- Rate limiting: Ingress policer; egress shaping and rate control; per VLAN, per port, and flow based
- Congestion avoidance: A TCP congestion avoidance algorithm is required to minimize and prevent global TCP loss synchronisation
Standards
- IEEE 802.3 10BASE-T Ethernet, IEEE 802.3u 100BASE-TX Fast Ethernet, IEEE 802.3ab 1000BASE-T Gigabit Ethernet, IEEE 802.3ad LACP, IEEE 802.3z Gigabit Ethernet, IEEE 802.3x Flow Control, IEEE 802.1D (STP, GARP, and GVRP), IEEE 802.1Q/p VLAN, IEEE 802.1w RSTP, IEEE 802.1s Multiple STP, IEEE 802.1X Port Access Authentication, IEEE 802.3af, IEEE 802.3at, RFC 768, RFC 783, RFC 791, RFC 792, RFC 793, RFC 813, RFC 879, RFC 896, RFC 826, RFC 854, RFC 855, RFC 856, RFC 858, RFC 894, RFC 919, RFC 922, RFC 920, RFC 950, RFC 1042, RFC 1071, RFC 1123, RFC 1141, RFC 1155, RFC 1157, RFC 1350, RFC 1533, RFC 1541, RFC 1624, RFC 1700, RFC 1867, RFC 2030, RFC 2616, RFC 2131, RFC 2132, RFC 3164, RFC 3411, RFC 3412, RFC 3413, RFC 3414, RFC 3415, RFC 2576, RFC 4330, RFC 1213, RFC 1215, RFC 1286, RFC 1442, RFC 1451, RFC 1493, RFC 1573, RFC 1643, RFC 1757, RFC 1907, RFC 2011, RFC 2012, RFC 2013, RFC 2233, RFC 2618, RFC 2665, RFC 2666, RFC 2674, RFC 2737, RFC 2819, RFC 2863, RFC 1157, RFC 1493, RFC 1215, RFC 3416
IPv6
- IPv6 host mode
- IPv6 over Ethernet
- Dual IPv6/IPv4 stack
- IPv6 neighbor and router discovery (ND)
- IPv6 stateless address autoconfiguration
- Path Maximum Transmission Unit (MTU) discovery
- Duplicate Address Detection (DAD)
- ICMP version 6
- IPv6 over IPv4 network with Intrasite Automatic Tunnel Addressing Protocol (ISATAP) support
- USGv6 and IPv6 Gold Logo certified
- IPv6 QoS: Prioritize IPv6 packets in hardware
- IPv6 ACL: Drop or rate limit IPv6 packets in hardware
- IPv6 First Hop Security: RA guard, ND inspection, DHCPv6 guard, Neighbor binding table (snooping and static entries), Neighbour binding integrity check
- Multicast Listener Discovery (MLD v1/2) snooping: Deliver IPv6 multicast packets only to the required receivers
- IPv6 applications: Web/SSL, Telnet server/SSH, ping, traceroute, Simple Network Time Protocol (SNTP), Trivial File Transfer Protocol (TFTP), SNMP, RADIUS, syslog, DNS client, Telnet Client, DHCP Client, DHCP Autoconfig, IPv6 DHCP Relay, TACACS
- IPv6 RFCs supported: RFC 4443 (which obsoletes RFC2463): ICMP version 6, RFC 4291 (which obsoletes RFC 3513): IPv6 address architecture,RFC 4291: IPv6 addressing architecture, RFC 2460: IPv6 specification, RFC 4861 (which obsoletes RFC 2461): neighbor discovery for IPv6
Management
- Web user interface: Built-in switch configuration utility for easy browser-based device configuration (HTTP/HTTPS). Supports configuration, system dashboard, system maintenance, and monitoring.
- SNMP versions 1, 2c, and 3 with support for traps, and SNMP version 3 user-based security model (USM)
Standard MIBs
- draft-ietf-bridge-8021x-MIB
- draft-ietf-bridge-rstpmib-04-MIB
- draft-ietf-hubmib-etherif-MIB-v3-00-MIB
- draft-ietf-syslog-device-MIB
- ianaaddrfamnumbers-MIB
- ianaifty-MIB
- ianaprot-MIB
- inet-address-MIB
- ip-forward-MIB
- ip-MIB
- RFC1155-SMI
- RFC1213-MIB
- SNMPv2-MIB
- SNMPv2-SMI
- SNMPv2-TM
- RMON-MIB.my
- dcb-raj-DCBX-MIB-1108-MIB rfc1724-MIB
- RFC-1212.my_for_MG-Soft
- rfc1213-MIB
- rfc1757-MIB RFC-
- 1215.my SNMPv2-
- CONF.my
- SNMPv2-TC.my
- rfc2674-MIB
- rfc2575-MIB
- rfc2573-MIB
- rfc2233-MIB
- rfc2013-MIB
- rfc2012-MIB
- rfc2011-MIB
- draft-ietf-entmib-sensor-MIB
- lldp-MIB
- lldpextdot1-MIB
- lldpextdot3-MIB
- lldpextmed-MIB
- p-bridge-MIB
- q-bridge-MIB
- rfc1389-MIB
- rfc1493-MIB
- rfc1611-MIB
- rfc1612-MIB
- rfc1850-MIB
- rfc1907-MIB
- rfc2571-MIB
- rfc2572-MIB
- rfc2574-MIB
- rfc2576-MIB
- rfc2613-MIB
- rfc2665-MIB
- rfc2668-MIB
- rfc2737-MIB
- rfc2925-MIB
- rfc3621-MIB
- rfc4668-MIB
- rfc4670-MIB
- trunk-MIB
- tunnel-MIB
- udp-MIB
Private MIBs
- CISCOSB-lldp-MIB CISCOSB-
- brgmulticast-MIB CISCOSB-
- bridgemibobjects-MIB
- CISCOSB-bonjour-MIB
- CISCOSB-dhcpcl-MIB
- CISCOSB-MIB
- CISCOSB-wrandomtaildrop-MIB
- CISCOSB-traceroute-MIB
- CISCOSB-telnet-MIB
- CISCOSB-stormctrl-MIB
- CISCOSB-ssh-MIB
- CISCOSB-socket-MIB
- CISCOSB-sntp-MIB
- CISCOSB-smon-MIB
- CISCOSB-phy-MIB
- CISCOSB-multisessionterminal-MIB
- CISCOSB-mri-MIB
- CISCOSB-jumboframes-MIB
- CISCOSB-gvrp-MIB
- CISCOSB-endofmib-MIB
- CISCOSB-dot1x-MIB
- CISCOSB-deviceparams-MIB
- CISCOSB-cli-MIB
- CISCOSB-cdb-MIB
- CISCOSB-brgmacswitch-MIB
- CISCOSB-3sw2swtables-MIB
- CISCOSB-smartPorts-MIB
- CISCOSB-tbi-MIB
- CISCOSB-macbaseprio-MIB
- CISCOSB-policy-MIB
- CISCOSB-env_mib
- CISCOSB-sensor-MIB
- CISCOSB-aaa-MIB
- CISCOSB-application-MIB
- CISCOSB-bridgesecurity-MIB
- CISCOSB-copy-MIB
- CISCOSB-CpuCounters-MIB
- CISCOSB-Custom1BonjourService-MIB
- CISCOSB-dhcp-MIB
- CISCOSB-dlf-MIB
- CISCOSB-dnscl-MIB
- CISCOSB-embweb-MIB
- CISCOSB-fft-MIB
- CISCOSB-file-MIB
- CISCOSB-greeneth-MIB
- CISCOSB-interfaces-MIB
- CISCOSB-interfaces_recovery-MIB
- CISCOSB-ip-MIB
- CISCOSB-iprouter-MIB
- CISCOSB-ipv6-MIB
- CISCOSB-mnginf-MIB
- CISCOSB-lcli-MIB
- CISCOSB-localization-MIB
- CISCOSB-mcmngr-MIB
- CISCOSB-mng-MIB
- CISCOSB-physdescription-MIB
- CISCOSB-Poe-MIB
- CISCOSB-protectedport-MIB
- CISCOSB-rmon-MIB
- CISCOSB-rs232-MIB
- CISCOSB-SecuritySuite-MIB
- CISCOSB-snmp-MIB
- CISCOSB-specialbpdu-MIB
- CISCOSB-banner-MIB
- CISCOSB-syslog-MIB
- CISCOSB-TcpSession-MIB
- CISCOSB-traps-MIB
- CISCOSB-trunk-MIB
- CISCOSB-tuning-MIB
- CISCOSB-tunnel-MIB
- CISCOSB-udp-MIB
- CISCOSB-vlan-MIB
- CISCOSB-ipstdacl-MIB
- CISCO-SMI-MIB
- CISCOSB-DebugCapabilities-MIB
- CISCOSB-CDP-MIB
- CISCOSB-vlanVoice-MIB
- CISCOSB-EVENTS-MIB
- CISCOSB-sysmng-MIB
- CISCOSB-sct-MIB
- CISCO-TC-MIB
- CISCO-VTP-MIB
- CISCO-CDP-MIB
- CISCOSB-eee-MIB
- CISCOSB-ssl-MIB
- CISCOSB-qosclimib-MIB
- CISCOSB-digitalkeymanage-MIB
- CISCOSB-tbp-MIB
- CISCOSMB-MIB
- CISCOSB-secsd-MIB
- CISCOSB-draft-ietf-entmib-sensor-MIB
- CISCOSB-draft-ietf-syslog-device-MIB
- CISCOSB-rfc2925-MIB
Management
- Remote Monitoring (RMON): Embedded RMON software agent supports 4 RMON groups (history, statistics, alarms, and events) for enhanced traffic management, monitoring, and analysis
- IPv4 and IPv6: Coexistence of both protocol stacks to ease migration