Cisco 300 Series Switches Data Sheet [Cisco Small Business 300 Series Managed Switches]

Easy-to-Use Managed Switches that Provide the Ideal Combination of Features and Affordability

To stay ahead in a competitive marketplace, small businesses need to make every dollar count. That means getting the most value from your technology investments, but it also means making sure that employees have fast, reliable access to the business tools and information they need. Every minute an employee waits for an unresponsive application - and every minute your network is down - has an impact on your bottom line. The importance of maintaining a strong and dependable business network only grows as your business adds more employees, applications, and network complexity.

When your business needs advanced security and features but value is still a top consideration, you're ready for the new generation of Cisco® Small Business managed switches: the Cisco 300 Series.

Cisco 300 Series Switches

The Cisco 300 Series, part of the Cisco Small Business line of network solutions, is a portfolio of affordable managed switches that provides a reliable foundation for your business network. These switches deliver the features you need to improve the availability of your critical business applications, protect your sensitive information, and optimize your network bandwidth to deliver information and applications more effectively. Easy to set up and use, the Cisco 300 Series provides the ideal combination of affordability and capabilities for small businesses, and helps you create a more efficient, better-connected workforce.

The Cisco 300 Series is broad portfolio of fixed-configuration managed Ethernet switches. Models are available with 8 to 48 ports of Fast Ethernet and 10 to 52 ports of Gigabit Ethernet connectivity, providing optimal flexibility to create exactly the right network foundation for your business. However, unlike other small business switching solutions that provide managed network capabilities only in the costliest models, all Cisco 300 Series Switches support the advanced security management capabilities and network features you need to support business-class data, voice, security, and wireless technologies. At the same time, these switches are simple to deploy and configure, allowing you to take advantage of the managed network services your business needs.

Business Applications

Whether you need a basic high-performance network to connect employee computers or a solution to deliver data, voice, and video services, the Cisco 300 Series offers a solution to meet your needs. Possible deployment scenarios include:

• Secure desktop connectivity: Cisco 300 Series Switches can simply and securely connect employees working in small offices with each other and with all of the servers, printers, and other devices they use. High performance and reliable connectivity helps speed file transfers and data processing, improves network uptime, and keeps your employees connected and productive.

• Secure Wireless connectivity: With its advanced Security features, Power over Ethernet, Auto Smartports, QoS, VLAN and Access Control features, the Cisco 300 Series Switches are the perfect foundation to add Business Grade wireless to an SMB network.

• Unified communications: As a managed network solution, the Cisco 300 Series provides the performance and advanced traffic-handling intelligence you need to deliver all communications and data over a single network. Cisco offers a complete portfolio of IP telephony and other unified communications products designed for small businesses. Cisco 300 Series Switches have been rigorously tested to help ensure easy integration and full compatibility with these and other products, providing a complete small business solution.

• Highly secure guest connectivity. Cisco 300 Series Switches let you extend highly secure network connectivity to guests in a variety of settings, such as a hotel, an office waiting room, or any other area open to nonemployee users. Using powerful but easy-to-configure security and traffic segmentation capabilities, you can isolate your vital business traffic from guest services and keep guests' network sessions private from each other.

Features and Benefits

Cisco 300 Series Switches provide security, performance, traffic management, and other capabilities - optimized and customized, and at the right price for small businesses. The Cisco 300 Series provides:

• High performance and reliability: Cisco 300 Series Switches have been rigorously tested to deliver the high availability and performance you expect from a Cisco switch. The solutions speed up file transfer times and improve slow, sluggish networks, while keeping your vital business applications available and preventing costly downtime. As a managed switching solution, the Cisco 300 Series also gives you the flexibility to manage and prioritize high-bandwidth traffic such as voice. That means you can empower your employees with state-of-the-art communication and productivity solutions, without draining the performance of your other business applications.

• Fast, easy setup and configuration: Cisco 300 Series Switches are designed to be easy to use and manage by small businesses and the partners who serve them. The included device manager software provides an intuitive, web-based interface to simplify setup, security, and quality of service (QoS) traffic prioritization, allowing even users without IT expertise to configure the switch in minutes. Cisco also provides a Cisco FindIT Network Discovery Utility. This utility that works through a simple toolbar on the user's web browser to discover Cisco devices in the network and display basic information, such as serial numbers and IP addresses, to aid in the configuration and deployment of Cisco Small Business products. For more information, and to download the utility, please visit www.cisco.com/go/findit. These switches use Cisco Discovery Protocol as well as Link Layer Discovery Protocol (LLDP-MED) to automatically detect all the devices connected to your network, and then automatically configure themselves for the appropriate connectivity and instructs the devices to use appropriate voice VLAN or QoS parameters. For more advanced capabilities and hands-on control, the switches support Smartport roles which configure the ports with specific levels of Security, QoS, and availability according to the type of connected device, based on Cisco best practices and pretested configurations. The Auto Smartports feature applies the intelligence delivered through the Smartport roles and applies it automatically to the port based on the devices discovered over CDP or LLDP-MED. This facilitates zero touch deployments. Although the Cisco 300 Series is designed to be deployed without using a command-line interface (CLI), Cisco Textview is available for those who prefer to use text-based configuration. Together, these features reduce the time your staff must devote to network deployment, management, and troubleshooting.

• Strong security: The Cisco 300 Series Switches provide a high level of security and give you fine- grained control to safeguard your network from unauthorized users. Advanced security features include:

– Embedded security to protect management data traveling to and from the switch and encrypt network communications.

– Extensive access control lists (ACLs) to restrict sensitive portions of the network from unauthorized users and guard against network attacks.

– Guest virtual LANs (VLANs) to let you provide Internet connectivity to nonemployee users while isolating critical business services from guest traffic.

– Support for advanced network security applications such as IEEE 802.1X port security to tightly limit access to specific segments of your network. Web based authentication provides a consistent interface to authenticate all types of host devices and operating systems, without the complexity of deploying IEEE 802.1X clients on each endpoint.

– Time based ACLs and Port Operation restrict access to the network during predesignated times, such as business hours.

– Security mechanisms such as, Bridge Protocol Data Unit (BPDU) Guard and broadcast/multicast/unknown unicast storm control, protect the network from invalid configurations or malicious intent.

– Secure Core Technology (SCT) helps ensure that the switch will receive and process management and protocol traffic no matter how much traffic is received.

– Advanced defense mechanisms, including Dynamic ARP Inspection (DAI), IP Source Guard, and Dynamic Host Configuration Protocol (DHCP) snooping, detect and block deliberate network attacks. Combinations of these protocols are also referred to as IPMB (IP-MAC-port binding).

– IPv6 First Hop Security extends the advanced threat protection to IPv6. This comprehensive security suite includes ND inspection, RA guard, DHCPv6 guard and neighbor binding integrity check, providing unparalleled protection against a vast range of address spoofing and man in the middle attack on IPv6 networks.

– DOS (denial-of-service) attack prevention maximizes network uptime in the presence of an attack.

– Protection of management sessions using Radius, TACACS+ and local database authentication as well as secure management sessions over SSL, SSH, and SNMPv3.

• Power over Ethernet: Cisco 300 Series Switches are available with up to 48 PoE ports of Fast Ethernet or Gigabit Ethernet connectivity. This capability simplifies advanced technology deployments such as IP telephony, wireless, and IP surveillance by allowing you to connect and power network endpoints over a single Ethernet cable. With no need to install separate power supplies for IP phones or wireless access points, you can take advantage of advanced communications technologies more quickly, and at a lower cost. Some models support both IEEE 802.3af PoE and IEEE 802.3at PoE+ while others support IEEE 802.3af PoE only.

• IP telephony support: Cisco 300 Series Switches include embedded QoS intelligence to prioritize delay-sensitive services such as voice and video, simplify unified communications deployments, and help ensure consistent network performance for all services. For example, automated voice VLAN capabilities let you plug any IP phone (including third-party phones) into your IP telephony network and receive an immediate dial tone. The switch automatically configures the device with the right VLAN and QoS parameters to prioritize voice traffic.

• Networkwide Automatic Voice Deployment: Using a combination of CDP, LLDP-MED, Auto Smartports, and VSDP (Voice Services Discovery Protocol - a unique patent-pending Cisco protocol), customers can deploy an end-to-end voice network dynamically. The switches in the network automatically converge around a single voice VLAN and QoS parameters and then propagate them out to the phones on the ports where they are discovered. For example, automated voice VLAN capabilities let you plug any IP phone (including third-party phones) into your IP telephony network and receive an immediate dial tone. The switch automatically configures the device with the right VLAN and QoS parameters to prioritize voice traffic.

• Advanced network management capabilities: As managed switches, the Cisco 300 Series lets you use a variety of advanced features to control traffic over your network. Features include:

– Static routing/Layer 3 switching between VLANs: This capability allows you to segment your network into separate workgroups and communicate across VLANs without degrading application performance. As a result, you can manage internal routing with your switches and dedicate your router to external traffic and security, helping your network run more efficiently.

– IPv6 support: As the IP network addressing scheme evolves to accommodate more devices, you can make sure that your network is ready. The Cisco 300 Series provides native support for IPv6, the newest version of the Internet Protocol, as well as the previous IPv4 standard. As a result, you will be able to move up to the next generation of networking applications and operating systems without an extensive equipment upgrade.

– Dual image support: With the ability to maintain dual images of your switches, you can perform software upgrades without having to take the network offline and without worrying about an outage during an upgrade.

– Dual Configuration files support: Allows configuring the device, validating that it is configured correctly and then saving this configuration to become effective after reboot. Additionally, a mirror configuration file, providing automatic back-up of the latest stable configuration file maximizes network uptime.

– Remote management: Using Simple Network Management Protocol (SNMP), you can set up and manage all switches and other Cisco devices in your network remotely, instead of having to directly connect to them.

– Additional management options: The switches can be fully managed using the Web GUI or using a full command-line interface (CLI).

• Optimal energy efficiency: Cisco 300 Series Switches are designed with a variety of power-saving features across all models, providing the industry's broadest portfolio of "green" switches. These switches optimize power use to protect the environment and reduce energy costs, without compromising performance. Power-saving features include:

– The latest application-specific integrated circuits (ASICs), using low-power 65-nanometer technology (these chipsets allow for lower power consumption and thinner, more efficient designs).

– Support for the Energy Efficient Ethernet (IEEE 802.3az) standard, which reduces energy consumption by monitoring the amount of traffic on an active link and putting the link into a sleep state during quiet periods.

– Automatic power shutoff on ports when a link is down.

– Embedded intelligence to adjust signal strength based on cable length.

– Fanless design in most models, which reduces power consumption, increases reliability, and provides quieter operation.

– LEDs can be turned off to conserve power.

• Expansion ports: The Cisco 300 Series provides more ports per Gigabit Ethernet switch than traditional switch models, giving you more flexibility to connect and empower your business. Gigabit Ethernet models feature 28- and 52-port switches, versus traditional devices that offer 20 or 44 ports with four shared ports giving you more value. The Cisco 300 Series also offers mini gigabit interface converter (mini-GBIC) expansion slots that give you the option to add fiber-optic or Gigabit Ethernet uplink connectivity to the switch. With the ability to increase the connectivity range of the switches, you have more flexibility to design your network around your unique business environment, and to easily connect switches on different floors or across the business.

• Multiple languages: The Cisco 300 Series is available in seven languages: English, French, German, Italian, Spanish, Japanese, and simplified Chinese. All product user interfaces and documentation are translated, giving you the ability to select your preferred language.

• Peace of mind and investment protection: Cisco 300 Series Switches offer the reliable performance, investment protection, and peace of mind you expect from a Cisco switch. When you invest in the Cisco 300 Series, you gain the benefit of:

– Cisco limited lifetime warranty with next business day advance replacement (where available).

– Rigorous testing to help ensure easy integration and compatibility with other Cisco networking and communications products, including the complete Cisco Small Business portfolio.

• Service and Support: Cisco 300 Series Switches are backed by the Cisco Small Business Support Service, which provides affordable peace-of-mind coverage. This subscription-based service helps you protect your investment and derive maximum value from Cisco Small Business products. Delivered by Cisco and backed by your trusted partner, this comprehensive service includes software updates, access to the Cisco Small Business Support Center, and extends technical service to three years. Cisco Small Business products are supported by professionals in Cisco Small Business Support Center locations worldwide who are specifically trained to understand your needs. The Cisco Small Business Support Community, an online forum, enables you to collaborate with your peers and reach Cisco technical experts for support information.

• Cisco Limited Lifetime Hardware Warranty: Cisco 300 Series Switches offer a limited lifetime hardware warranty with next business day advance replacement (where available, otherwise same day ship) and a limited lifetime warranty for fans and power supplies. In addition, Cisco offers software application updates for bug fixes for the warranty term, and telephone technical support at no charge for the first 12 months following the date of purchase. To download software updates, go to: www.cisco.com/cisco/web/download/index.html.

Product warranty terms and other information applicable to Cisco products are available at www.cisco.com/go/warranty.

Product Specifications

Table 1 gives the product specifications for the Cisco 300 Series Switches.

Table 1. Product Specifications

Feature

Description

Performance

Switching capacity and forwarding rate

All switches are wire-speed and non-blocking

Model Name

Capacity in Millions of Packets per Second (mpps) (64-byte packets)

Switching Capacity in Gigabits per Second (Gbps)

SF300-08

1.19

1.6

SF302-08

4.17

5.6

SF302-08P

4.17

5.6

SF302-08PP

4.17

5.6

SF302-08MP

4.17

5.6

SF302-08MPP

4.17

5.6

SF300-24

9.52

12.8

SF300-24P

9.52

12.8

SF300-24PP

9.52

12.8

SF300-24MP

9.52

12.8

SF300-48

13.10

17.6

SF300-48P

13.10

17.6

SF300-48PP

13.10

17.6

SG300-10

14.88

20.0

SG300-10SFP

14.88

20.0

SG300-10P

14.88

20.0

SG300-10PP

14.88

20.0

SG300-10MP

14.88

20.0

SG300-10MPP

14.88

20.0

SG300-20

29.76

40.0

SG300-28

41.67

56.0

SG300-28P

41.67

56.0

SG300-28PP

41.67

56.0

SG300-28MP

41.67

56.0

SG300-52

77.38

104.0

SG300-52P

77.38

104.0

SG300-52MP

77.38

104.0

Layer 2 Switching

Spanning Tree Protocol (STP)

Standard 802.1d Spanning Tree support

Fast convergence using 802.1w (Rapid Spanning Tree [RSTP]), enabled by default

8 instances are supported

Multiple Spanning Tree instances using 802.1s (MSTP)

Port grouping

Support for IEEE 802.3ad Link Aggregation Control Protocol (LACP)

• Up to 8 groups

• Up to 8 ports per group with 16 candidate ports for each (dynamic) 802.3ad link aggregation

VLAN

Support for up to 4096 VLANs simultaneously Port-based and 802.1Q tag-based VLANs MAC-based VLAN

Management VLAN

Private VLAN Edge (PVE), also known as protected ports, with multiple uplinks

Guest VLAN Unauthenticated VLAN

Dynamic VLAN assignment via Radius server along with 802.1x client authentication

CPE VLAN

Voice VLAN

Voice traffic is automatically assigned to a voice-specific VLAN and treated with appropriate levels of QoS.

Auto voice capabilities deliver network-wide zero touch deployment of voice endpoints and call control devices.

Multicast TV VLAN

Multicast TV VLAN allows the single multicast VLAN to be shared in the network while subscribers remain in separate VLANs (Also known as MVR)

Q-in-Q VLAN

VLANs transparently cross a service provider network while isolating traffic among customers

Generic VLAN Registration Protocol (GVRP)/Generic Attribute Registration Protocol (GARP)

Protocols for automatically propagating and configuring VLANs in a bridged domain

Unidirectional Link Detection (UDLD)

UDLD monitors physical connection to detect unidirectional links caused by incorrect wiring or cable/port faults to prevent forwarding loops and blackholing of traffic in switched networks

Dynamic Host Configuration Protocol (DHCP) Relay at Layer 2

Relay of DHCP traffic to DHCP server in different VLAN. Works with DHCP Option 82

Internet Group Management Protocol (IGMP) versions 1, 2, and 3 snooping

IGMP limits bandwidth-intensive multicast traffic to only the requesters; supports 1K multicast groups (source-specific multicasting is also supported)

IGMP Querier

IGMP querier is used to support a Layer 2 multicast domain of snooping switches in the absence of a multicast router

Head-of-line (HOL) blocking

HOL blocking prevention

Jumbo Frames

Up to 9K (9216) bytes

Layer 3

IPv4 routing

Wirespeed routing of IPv4 packets

Up to 512 static routes and up to 128 IP interfaces

Classless Inter-Domain Routing (CIDR)

Support for CIDR

Layer 3 Interface

Configuration of layer 3 interface on physical port, LAG, VLAN interface or Loopback interface

DHCP relay at Layer 3

Relay of DHCP traffic across IP domains

User Datagram Protocol (UDP) relay

Relay of broadcast information across Layer 3 domains for application discovery or relaying of BootP/DHCP packets

DHCP Server

Switch functions as an IPv4 DHCP Server serving IP addresses for multiple DHCP pools/scopes

Support for DHCP options

Security

Secure Shell (SSH) Protocol

SSH is a secure replacement for Telnet traffic. SCP also uses SSH. SSH v1 and v2 are supported

Secure Sockets Layer (SSL)

SSL support: Encrypts all HTTPS traffic, allowing highly secure access to the browser-based management GUI in the switch

IEEE 802.1X (Authenticator role)

802.1X: RADIUS authentication and accounting, MD5 hash; guest VLAN; unauthenticated VLAN, single/multiple host mode and single/multiple sessions

Supports time-based 802.1X Dynamic VLAN assignment

Web Based Authentication

Web based authentication provides network admission control through web browser to any host devices and operating systems.

STP Bridge Protocol Data Unit (BPDU) Guard

A security mechanism to protect the network from invalid configurations. A port enabled for BPDU Guard is shut down if a BPDU message is received on that port.

STP Root Guard

This prevents edge devices not in the network administrator's control from becoming Spanning Tree Protocol root nodes.

DHCP snooping

Filters out DHCP messages with unregistered IP addresses and/or from unexpected or untrusted interfaces. This prevents rogue devices from behaving as a DHCP Server.

IP Source Guard (IPSG)

When IP Source Guard is enabled at a port, the switch filters out IP packets received from the port if the source IP addresses of the packets have not been statically configured or dynamically learned from DHCP snooping. This prevents IP Address Spoofing.

Dynamic ARP Inspection (DAI)

The switch discards ARP packets from a port if there is no static or dynamic IP/MAC bindings or if there is a discrepancy between the source or destination address in the ARP packet. This prevents man-in-the-middle attacks.

IP/Mac/Port Binding (IPMB)

The features (DHCP Snooping, IP Source Guard, and Dynamic ARP Inspection) above work together to prevent DOS attacks in the network, thereby increasing network availability.

Secure Core Technology (SCT)

Ensures that the switch will receive and process management and protocol traffic no matter how much traffic is received.

Secure Sensitive Data (SSD)

A mechanism to manage sensitive data (such as passwords, keys, etc) securely on the switch, populating this data to other devices, and secure autoconfig. Access to view the sensitive data as plaintext or encrypted is provided according to the user configured access level and the access method of the user.

Layer 2 isolation Private VLAN Edge (PVE) with community VLAN

PVE (also known as protected ports) provides Layer 2 isolation between devices in the same VLAN, supports multiple uplinks.

Port security

The ability to lock Source MAC addresses to ports, and limits the number of learned MAC

addresses.

RADIUS/TACACS+

Supports RADIUS and TACACS authentication. Switch functions as a client.

Storm control

Broadcast, multicast, and unknown unicast

RADIUS accounting

The RADIUS accounting functions allow data to be sent at the start and end of services, indicating the amount of resources (such as time, packets, bytes, and so on) used during the session.

DoS prevention

Denial-of-Service (DOS) attack prevention

ACLs

Support for up to 512 rules

Drop or rate limit based on source and destination MAC, VLAN ID or IP address, protocol, port, differentiated services code point (DSCP)/IP precedence, TCP/ UDP source and destination ports,

802.1p priority, Ethernet type, Internet Control Message Protocol (ICMP) packets, IGMP packets, TCP flag, Time-based ACLs supported.

Quality of Service

Priority levels

4 hardware queues

Scheduling

Strict priority and weighted round-robin (WRR)

Queue assignment based on DSCP and class of service (802.1p/CoS)

Class of service

Port based; 802.1p VLAN priority based; IPv4/v6 IP precedence/type of service (ToS)/DSCP based; Differentiated Services (DiffServ); classification and re-marking ACLs, trusted QoS.

Rate limiting

Ingress policer; egress shaping and rate control; per VLAN, per port, and flow based.

Congestion avoidance

A TCP congestion avoidance algorithm is required to minimize and prevent global TCP loss synchronization.

Standards

IEEE 802.3 10BASE-T Ethernet, IEEE 802.3u 100BASE-TX Fast Ethernet, IEEE 802.3ab 1000BASE-T Gigabit Ethernet, IEEE 802.3ad LACP, IEEE 802.3z Gigabit Ethernet, IEEE 802.3x Flow Control, IEEE 802.1D (STP, GARP, and GVRP),IEEE 802.1Q/p VLAN, IEEE 802.1w RSTP, IEEE 802.1s Multiple STP, IEEE 802.1X Port Access Authentication, IEEE 802.3af, IEEE 802.3at, RFC 768, RFC 783, RFC 791, RFC 792, RFC 793, RFC 813, RFC 879, RFC 896, RFC 826, RFC 854, RFC 855, RFC 856, RFC 858, RFC 894, RFC 919, RFC 922, RFC 920, RFC 950, RFC 1042, RFC 1071, RFC 1123, RFC 1141, RFC 1155, RFC 1157, RFC 1350, RFC 1533, RFC 1541, RFC 1624, RFC 1700, RFC 1867, RFC 2030, RFC 2616, RFC 2131, RFC 2132, RFC 3164, RFC 3411, RFC 3412, RFC 3413, RFC 3414, RFC 3415, RFC 2576, RFC 4330, RFC 1213, RFC 1215, RFC 1286, RFC 1442, RFC 1451, RFC 1493, RFC 1573, RFC 1643, RFC 1757, RFC 1907, RFC 2011, RFC 2012, RFC 2013, RFC 2233, RFC 2618, RFC 2665, RFC 2666, RFC 2674, RFC 2737, RFC 2819, RFC 2863, RFC 1157, RFC 1493, RFC 1215, RFC 3416

IPv6

IPv6 host mode

IPv6 over Ethernet Dual IPv6/IPv4 stack

IPv6 neighbor and router discovery (ND) IPv6 stateless address auto-configuration

Path maximum transmission unit (MTU) discovery

Duplicate address detection (DAD) ICMP version 6

IPv6 over IPv4 network with Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) support

USGv6 and IPv6 Gold Logo certified

IPv6 QoS

Prioritize IPv6 packets in hardware

IPv6 ACL

Drop or rate limit IPv6 packets in hardware

IPv6 First Hop Security

RA guard

ND inspection

DHCPv6 guard

Neighbor binding table (Snooping and static entries)

Neighbor binding integrity check

Multicast Listener Discovery

(MLD v1/2) snooping

Deliver IPv6 multicast packets only to the required receivers

IPv6 applications

Web/SSL, Telnet server/SSH, ping, traceroute, Simple Network Time Protocol (SNTP), Trivial File Transfer Protocol (TFTP), SNMP, RADIUS, syslog, DNS client, Telnet Client, DHCP Client, DHCP Autoconfig, IPv6 DHCP Relay, TACACS

IPv6 RFCs supported

RFC 4443 (which obsoletes RFC2463) - ICMP version 6

RFC 4291 (which obsoletes RFC 3513) - IPv6 address architecture

RFC 4291 - IPv6 addressing architecture

RFC 2460 - IPv6 specification

RFC 4861 (which obsoletes RFC 2461) - Neighbor discovery for IPv6

RFC 4862 (which obsoletes RFC 2462) - IPv6 stateless address auto-configuration

RFC 1981 - Path MTU discovery

RFC 4007 - IPv6 scoped address architecture

RFC 3484 - Default address selection mechanism

RFC 5214 (which obsoletes RFC 4214) - ISATAP tunneling RFC 4293 - MIB IPv6: Textual conventions and general group RFC 3595 - Textual conventions for IPv6 flow label

Management

Web user interface

Built-in switch configuration utility for easy browser-based device configuration (HTTP/HTTPS). Supports configuration, system dashboard, system maintenance, and monitoring.

SNMP

SNMP versions 1, 2c, and 3 with support for traps, and SNMP version 3 user-based security model (USM)

Standard MIBs

draft-ietf-bridge-8021x-MIB

draft-ietf-bridge-rstpmib-04-MIB

draft-ietf-hubmib-etherif-MIB-v3-00-MIB

draft-ietf-syslog-device-MIB

ianaaddrfamnumbers-MIB

ianaifty-MIB

ianaprot-MIB

inet-address-MIB

ip-forward-MIB

ip-MIB

RFC1155-SMI

RFC1213-MIB

rfc2012-MIB

rfc2011-MIB

draft-ietf-entmib-sensor-MIB

lldp-MIB lldpextdot1-MIB

lldpextdot3-MIB

lldpextmed-MIB p-bridge-MIB

q-bridge-MIB

rfc1389-MIB

rfc1493-MIB

rfc1611-MIB

rfc1612-MIB

rfc1850-MIB

Standard MIBs (continued)

SNMPv2-MIB

SNMPv2-SMI

SNMPv2-TM

RMON-MIB.my

dcb-raj-DCBX-MIB-1108-MIB

rfc1724-MIB

RFC-1212.my_for_MG-Soft

rfc1213-MIB

rfc1757-MIB

RFC-1215.my

SNMPv2-CONF.my

SNMPv2-TC.my

rfc2674-MIB

rfc2575-MIB

rfc2573-MIB

rfc2233-MIB

rfc2013-MIB

rfc1907-MIB

rfc2571-MIB

rfc2572-MIB

rfc2574-MIB

rfc2576-MIB

rfc2613-MIB

rfc2665-MIB

rfc2668-MIB

rfc2737-MIB

rfc2925-MIB

rfc3621-MIB

rfc4668-MIB

rfc4670-MIB

trunk-MIB

tunnel-MIB

udp-MIB

Private MIBs

CISCOSB-lldp-MIB

CISCOSB-brgmulticast-MIB

CISCOSB-bridgemibobjects-MIB

CISCOSB-bonjour-MIB

CISCOSB-dhcpcl-MIB

CISCOSB-MIB

CISCOSB-wrandomtaildrop-MIB

CISCOSB-traceroute-MIB

CISCOSB-telnet-MIB

CISCOSB-stormctrl-MIB

CISCOSB-ssh-MIB

CISCOSB-socket-MIB

CISCOSB-sntp-MIB

CISCOSB-smon-MIB

CISCOSB-phy-MIB

CISCOSB-multisessionterminal-MIB

CISCOSB-mri-MIB

CISCOSB-jumboframes-MIB

CISCOSB-gvrp-MIB

CISCOSB-endofmib-MIB

CISCOSB-dot1x-MIB

CISCOSB-deviceparams-MIB

CISCOSB-cli-MIB

CISCOSB-cdb-MIB

CISCOSB-brgmacswitch-MIB

CISCOSB-3sw2swtables-MIB

CISCOSB-smartPorts-MIB

CISCOSB-tbi-MIB

CISCOSB-macbaseprio-MIB

CISCOSB-policy-MIB

CISCOSB-env_mib

CISCOSB-sensor-MIB

CISCOSB-aaa-MIB

CISCOSB-application-MIB

CISCOSB-bridgesecurity-MIB

CISCOSB-copy-MIB

CISCOSB-CpuCounters-MIB

CISCOSB-Custom1BonjourService-MIB

CISCOSB-ip-MIB

CISCOSB-iprouter-MIB

CISCOSB-ipv6-MIB

CISCOSB-mnginf-MIB

CISCOSB-lcli-MIB

CISCOSB-localization-MIB

CISCOSB-mcmngr-MIB

CISCOSB-mng-MIB

CISCOSB-physdescription-MIB

CISCOSB-Poe-MIB

CISCOSB-protectedport-MIB

CISCOSB-rmon-MIB

CISCOSB-rs232-MIB

CISCOSB-SecuritySuite-MIB

CISCOSB-snmp-MIB

CISCOSB-specialbpdu-MIB

CISCOSB-banner-MIB

CISCOSB-syslog-MIB

CISCOSB-TcpSession-MIB

CISCOSB-traps-MIB

CISCOSB-trunk-MIB

CISCOSB-tuning-MIB

CISCOSB-tunnel-MIB

CISCOSB-udp-MIB

CISCOSB-vlan-MIB

CISCOSB-ipstdacl-MIB

CISCO-SMI-MIB

CISCOSB-DebugCapabilities-MIB

CISCOSB-CDP-MIB

CISCOSB-vlanVoice-MIB

CISCOSB-EVENTS-MIB

CISCOSB-sysmng-MIB

CISCOSB-sct-MIB

CISCO-TC-MIB

CISCO-VTP-MIB

CISCO-CDP-MIB

CISCOSB-eee-MIB

CISCOSB-ssl-MIB

Private MIBs (continued)

CISCOSB-dhcp-MIB

CISCOSB-dlf-MIB

CISCOSB-dnscl-MIB

CISCOSB-embweb-MIB

CISCOSB-fft-MIB

CISCOSB-file-MIB

CISCOSB-greeneth-MIB

CISCOSB-interfaces-MIB

CISCOSB-interfaces_recovery-MIB

CISCOSB-qosclimib-MIB

CISCOSB-digitalkeymanage-MIB

CISCOSB-tbp-MIB

CISCOSMB-MIB

CISCOSB-secsd-MIB

CISCOSB-draft-ietf-entmib-sensor-MIB

CISCOSB-draft-ietf-syslog-device-MIB

CISCOSB-rfc2925-MIB

Remote Monitoring (RMON)

Embedded RMON software agent supports 4 RMON groups (history, statistics, alarms, and events) for enhanced traffic management, monitoring, and analysis

IPv4 and IPv6 dual stack

Coexistence of both protocol stacks to ease migration

Firmware upgrade

• Web browser upgrade (HTTP/HTTPS) and TFTP and upgrade over SCP running over SSH

• Upgrade can be initiated through console port as well

• Dual images for resilient firmware upgrades

Port mirroring

Traffic on a port can be mirrored to another port for analysis with a network analyzer or RMON probe. Up to 8 source ports can be mirrored to one destination port. A single session is supported.

VLAN mirroring

Traffic from a VLAN can be mirrored to a port for analysis with a network analyzer or RMON probe. Up to 8 source VLANs can be mirrored to one destination port. A single session is supported.

DHCP (Options 12, 66, 67, 82, 129, and 150)

DHCP Options facilitate tighter control from a central point (DHCP server) to obtain IP address, auto-configuration (with configuration file download), DHCP relay, and hostname.

Secure Copy (SCP)

Securely transfer files to and from the switch

Autoconfiguration with Secure Copy (SCP) file download

Enables secure mass deployment with protection of sensitive data

Text-editable config files

Config files can be edited with a text editor and downloaded to another switch, facilitating easier mass deployment

Smartports

Simplified configuration of QoS and security capabilities

Auto Smartports

Applies the intelligence delivered through the Smartport roles and applies it automatically to the port based on the devices discovered over CDP or LLDP-MED. This facilitates zero touch deployments.

Textview CLI

Scriptable command-line interface. A full CLI as well as a menu-based CLI is supported. User privilege levels 1, 7, and 15 is supported for the CLI.

Cloud services

Support for Cisco Small Business FindIT Network and Cisco OnPlus

Localization

Localization of GUI and documentation into multiple languages

Other management

Traceroute; single IP management; HTTP/HTTPS; SSH; RADIUS; port mirroring; TFTP upgrade; DHCP client; BOOTP; SNTP; Xmodem upgrade; cable diagnostics; ping; syslog; Telnet client (SSH secure support)

Time-based port operation

Link up or down based on user-defined schedule (when the port is administratively up)

Configurable multiple banners for web as well as CLI

Power Efficiency

EEE Compliant (802.3az)

Supports 802.3az on all copper ports (SG300 models)

Energy Detect

Automatically turns off power off on Gigabit Ethernet and 10/100 RJ-45 port when detecting link down

Active mode is resumed without loss of any packets when the switch detects the link up

Cable length detection

Adjusts the signal strength based on the cable length for Gigabit Ethernet models. Reduces the power consumption for cables shorter than 10m.

Disable port LEDs

LEDs can be manually turned off to save on Energy

General

Jumbo frames

Frame sizes up to 9K (9216) bytes supported on 10/100 and Gigabit interfaces

MAC table

Up to 16K (16384) MAC addresses

Discovery

Bonjour

The switch advertises itself using the Bonjour protocol.

Link Layer Discovery Protocol (LLDP) (802.1ab) with LLDP-MED extensions

LLDP allows the switch to advertise its identification, configuration, and capabilities to neighboring devices that store the data in a MIB. LLDP-MED is an enhancement to LLDP that adds the extensions needed for IP phones.

Cisco Discovery Protocol (CDP)

The switch advertises itself using the Cisco Discovery Protocol. It also learns the connected device and its characteristics via CDP.

Power over Ethernet (PoE)

802.3af PoE and 802.3at PoE+ delivered over any of the RJ-45 ports within the listed power budgets

Switches support 802.3at PoE+, 802.3af, and Cisco pre-standard (legacy) PoE. Maximum power of 30.0W to any 10/100 or Gigabit Ethernet port for PoE+ supported devices and 15.4W for PoE supported devices, until the PoE budget for the switch is reached. The total power available for PoE per switch is as follows:

Model Name

Power Dedicated to PoE

Number of Ports That Support PoE

SF302-08P

62W

SF302-08PP

62W (PoE+ supported)

SF302-08MP

124W

SF302-08MPP

124W (PoE+ supported)

SF300-24P

180W

SF300-24PP

180W (PoE+ supported)

SF300-24MP

375W (PoE+ supported)

SF300-48P

375W

SF300-48PP

375W (PoE+ supported)

SG300-10P

62W

SG300-10PP

62W (PoE+ supported)

SG300-10MP

124W

SG300-10MPP

124W (PoE+ supported)

SG300-28P

180W

SG300-28PP

180W (PoE+ supported)

SG300-28MP

375W (PoE+ supported)

SG300-52P

375W (PoE+ supported)

SG300-52MP

740W (PoE+ supported)

Power consumption (worst case)

Model Name

Power Savings Mode

System Power Consumption

Power Consumption: Case (with PoE)

Heat Dissipation Worst Case (BTU/hr)

SF300-08

Energy Detect

110V=6.1W

220V=7.2W

N/A

24.57

SF302-08

Energy Detect

110V=8.0W

220V=8.6W

N/A

29.34

SF302-08P

Energy Detect

110V=10.3W

220V=11.5W

110V=81.3W

220V=82.1W

280.13

SF302-08PP

Energy Detect

110V=9.12W

220V=9.31W

110V=80.68W

220V=79.62W

271.67

SF302-08MP

Energy Detect

110V=9.5W

220V=10.3W

110V=150.1W

220V=149.9W

512.14

SF302-08MPP

Energy Detect

110V=9.66W

220V=9.83W

110V=143.89W

220V=142.97W

487.83

SF300-24

Energy Detect

110V=16.4W

220V=17.1W

N/A

58.35

SF300-24P

Energy Detect

110V=25.8W

220V=27.3W

110V=223W

220V=217.9W

760.88

SF300-24PP

Energy Detect

110V=26.7W

220V=27.9W

110V=218.57W

220V=213.35W

727.98

SF300-24MP

Energy Detect Short Reach

110V=37.7W

220V=38.0W

110V=441W

220V=431W

1504.69

SF300-48

Energy Detect

110V=24W

220V=24.8W

N/A

84.62

SF300-48P

Energy Detect

110V=46.4W

220V=46.3W

110V=465W

220V=449W

1531.99

SF300-48PP

Energy Detect

110V=47.7W

220V=48.2W

110V=421.36W

220V=412.43W

1407.23

SG300-10

Energy Detect Short Reach

110V=10.33W

220V=10.27W

N/A

35.25

SG300-10SFP

Energy Detect Short Reach

110V=18.10W

220V=17.71W

N/A

61.76

SG300-10P

Energy Detect Short Reach

110V=13.13W

220V=13.48W

110V=81.44W

220V=81.16W

277.87

SG300-10PP

Energy Detect Short Reach

110V=13.37W

220V=12.99W

110V=83.47W

220V=81.58W

278.36

SG300-10MP

Energy Detect Short Reach

110V=12.21W

220V=12.25W

110V=154.36W

220V=152.42W

526.68

SG300-10MPP

Energy Detect Short Reach

110V=13.41W

220V=13.72W

110V=145.7W

220V=144.5W

493.05

SG300-20

Energy Detect Short Reach

110V=16.05W

220V=16.26W

N/A

55.48

SG300-28

Energy Detect Short Reach

110V=19.8W

220V=20.6W

N/A

70.29

SG300-28P

Energy Detect Short Reach

110V=29.7W

220V=30.7W

110V=214.4W

220V=210W

731.53

SG300-28PP

Energy Detect Short Reach

110V=31.9W

220V=33.0W

110V=222W

220V=217W

740.43

SG300-28MP

Energy Detect Short Reach

110V=42.4W

220V=43.1W

110V=445W

220V=436W

1487.63

SG300-52

Energy Detect Short Reach

110V=45.9W

220V=45.3W

N/A

156.61

SG300-52P

Energy Detect Short Reach

110V=61.25W

220V=61.46W

110V=473.62W

220V=461.88W

1617.29

SG300-52MP

Energy Detect Short Reach

110V=64.24W /

220V=68.80W

110V=873.05W

220V=843.57W

2978.85

Ports

Model Name

Total System Ports

RJ-45 Ports

Combo Ports
(RJ-45 + SFP)

SF300-08

8 Fast Ethernet

N/A

SF302-08