The Cisco® Catalyst® 3750-X and 3560-X Series Switches are an enterprise-class lines of stackable and standalone switches, respectively. These switches provide high availability, scalability, security, energy efficiency, and ease of operation with innovative features such as Cisco StackPower (available only on the Catalyst 3750-X), IEEE 802.3at Power over Ethernet Plus (PoE+) configurations, optional network modules, redundant power supplies, and Media Access Control Security (MACsec) features. The Cisco Catalyst 3750-X Series with StackWise® Plus technology provides scalability, ease of management and investment protection for the evolving business needs. The Cisco Catalyst 3750-X and 3560-X enhance productivity by enabling applications such as IP telephony, wireless, and video for borderless network experience.
Cisco Catalyst 3750-X and 3560-X Series primary features:
- 24 and 48 10/100/1000 PoE+, non-PoE models, and 12 and 24 GE SFP port models
- 24 and 48 10/100/1000 UPOE-capable models with Energy Efficient Ethernet (EEE) support
- Four optional uplink network modules with GE or 10GE ports
- Industry first PoE+ with 30W power on all ports in 1 rack unit (RU) form factor
- Dual redundant, modular power supplies and fans
- Media Access Control Security (MACsec) hardware-based encryption
- Flexible NetFlow and switch-to-switch hardware encryption with the Service Module uplink
- Open Shortest Path First (OSPF) for routed access in IP Base image
- IPv4 and IPv6 routing, Multicast routing, advanced quality of service (QoS), and security features in hardware
- Enhanced limited lifetime warranty (LLW) with next business day (NBD) advance hardware replacement and 90 day access to Cisco Technical Assistance Center (TAC) support
- Enhanced Cisco EnergyWise for operational cost optimization by measuring actual power consumption of the PoE devices, reporting, and reducing energy consumption across the network
- USB Type-A and Type-B ports for storage and console respectively and an out-of-band Ethernet management port
Switch Configurations
All switch models can be configured with four optional network modules. The UPOE, PoE+, and non-PoE switch models are available with either the LAN Base or IP Base feature set. IP Services feature set is available as an upgrade option at the time of ordering or through a license at a later time. The GE SFP switch models are available with either IP Base or IP Services feature set.
Cisco Catalyst 3750-X and 3560-X Series Software
In addition to IP Base and IP Services feature sets, the Cisco Catalyst 3750-X and 3560-X Series come with a new LAN Base feature set. The three feature sets available with all Cisco Catalyst 3750-X and 3560-X Series Switches are:
- LAN Base: enterprise access Layer 2 switching features
- IP Base: baseline enterprise access Layer 3 switching features
- IP Services: advanced Layer 3 switching (IPv4 and IPv6) features
The LAN Base feature set includes comprehensive Layer 2 features, with up-to 255 VLANs. The IP Base feature set provides baseline enterprise services in addition to all LAN Base features, with 1K VLANs. IP Base also includes the support for routed access, StackPower (available only on the Catalyst 3750-X), MACsec, and the new Cisco Service Module. The IP Services feature set provides full enterprise services that includes advanced Layer 3 features such as Enhanced Interior Gateway Routing Protocol (EIGRP), Open Shortest Path First (OSPF), Border Gateway Protocol (BGP), Protocol Independent Multicast (PIM), and IPv6 routing such as OSPFv3 and EIGRPv6. All software feature sets support advanced security, QoS, and management features.
The Cisco Catalyst 3750-X Series Switches with LAN Base feature set can only stack with other Cisco Catalyst 3750-X Series LAN Base switches. A mixed stack of LAN Base switch with IP Base or IP Services features set is not supported.
Customers can transparently upgrade the software feature set in the Cisco Catalyst 3750-X and 3560-X Series Switches through Cisco IOS® Software activation. Software activation authorizes and enables the Cisco IOS Software feature sets. A special file contained in the switch, called a license file, is examined by Cisco IOS Software when the switch is powered on. Based on the license’s type, Cisco IOS Software activates the appropriate feature set.
Service Module
The new Cisco Service Module offers enhanced security and Flexible Netflow (FNF) features on the uplink ports of the Catalyst 3750-X and 3560-X. The service module is supported with IP Base or IP Services feature set. It can be used with SFP or SFP+ at 1G or 10G speeds. The new Cisco Service Module has custom dedicated hardware for FNF monitoring, separate from the dedicated hardware for MACSec. Therefore there is no impact on packet forwarding performance & latency. It offers flexibility with the user being able to define flows. The new Cisco Service Module enables the following services:
- Line rate (40G) Flexible NetFlow for Network Monitoring and Security Anomaly Detection
- Supported version 9
- 32,000 simultaneous flows
- 128 of simultaneous active monitors
- Line rate (40G) MACsec encryption (please refer to MACsec section below)
FNF is a networking monitoring technology. A NetFlow table can be used to collect flow statistics. The flow information can be used by customers for a variety of use cases like understanding:
1. Applications running on the network, and identify undesired applications, P2P etc
2. Granular Local and aggregated Campus view (Top N applications, drill down etc).
3. Top talkers (ports, users, applications) for application usage, productivity and asset utilization etc.
4. Security Anomaly Detection by examining flows that do not traverse trust boundaries for inside the perimeter attacks
5. Impacts of network and application changes
6. Compliance conformation
7. Traffic patterns for capacity planning
Enabling FNF at the access switch ensures you get all flows. The access switch is the most logical place in the network for collecting statistics and monitoring all flows. With Netflow, you can obtain MAC-address and access port information associated with the flow, to get directly to the source of the flow. Most collectors are able to leverage the location based on MAC-address and interface port number provided by the access switch to the collector. Thus by enabling FNF at the access switch you are able to get the location information of the flow. The access switch has a variety of identity mechanism for user authentication and adding user awareness is the natural progression that can be developed. Access switches are an order of magnitude greater than distribution and core which makes them scale well for FNF and ensure there are no performance impacts of oversubscription at aggregation and core.
10GB-T Module
The new Cisco 10G Base-T module is hot-swapable and can operate at either 10GE or GE speed (with manual configuration).