SX350X-12 12-Port 10GBase-T Stackable Managed Switch
12 Port 10GBase-T Stackable Managed Switch
Description
Managed switches that provide the ideal combination of features and affordability
To stay ahead in a competitive marketplace, small businesses need to make every dollar count. That means getting the most value from your technology investments, but it also means making sure that employees have fast, reliable access to the business tools and information they need. Every minute an employee waits for an unresponsive application – and every minute your network is down – has an impact on your bottom line. The importance of maintaining a strong and dependable business network only grows as your business adds more employees, applications, and network complexity.
When your business needs advanced security and features but affordability and value are key, you’re ready for the new generation of Cisco® Small Business managed switches: the Cisco 350X Series.
Cisco 350X Series Stackable Managed Switches
The Cisco 350X Series Stackable Managed Switches (Figure 1) are a new line of stackable managed Ethernet switches that provide the rich capabilities you need to support a more demanding network environment at a very affordable price. The SG350X models provide 8 to 48 ports of Gigabit and Multigigabit Ethernet connectivity with 10 Gigabit Ethernet uplinks. The SX350X models provide 8, 12, 24, or 48 ports of 10 Gigabit Ethernet, providing a solid foundation and more than enough bandwidth for your business applications today and in the future. These switches are easy to deploy and manage without a large IT staff.
Cisco 350X Series switches are designed to protect your technology investment as your business grows. Unlike switches that claim to be stackable but have elements that require separate administration and troubleshooting, the Cisco 350X Series provides true stacking capability, allowing you to configure, manage, and troubleshoot multiple physical switches as a single device and more easily expand your network.
A true stack delivers a unified data and control plane, in addition to a management plane, providing flexibility, scalability, and ease of use because the stack of units operates as a single entity. The switches also protect your technology investment with an enhanced warranty, dedicated technical support, and the ability to upgrade equipment in the future. Overall, the Cisco 350X Series provides the ideal technology foundation for a growing business.
Features and benefits
Cisco 350X Series switches provide the advanced feature set that growing businesses and high-bandwidth applications and technologies require. These switches can improve the availability of your critical applications, protect your business information, and optimize your network bandwidth to more effectively deliver information and support applications.
High-performance 10 Gigabit Ethernet
Cisco 350X Series switches break the barrier of 10 Gigabit Ethernet adoption by providing affordable and powerful features for growing small and medium-sized business networks. With the 10G ports in both copper and fiber, you can easily and cost-effectively enable 10G connections to servers and network storage devices with standard RJ-45 Ethernet cables. You can also aggregate 10G Enhanced Small Form-Factor Pluggable (SFP+) fiber connections to build a high-performance backbone to dramatically increase the overall speed of your network.
Multigigabit performance
Network needs are changing quickly. With evolving wireless standards and the rising number of wireless devices, keeping up with data rates and growing traffic can be a challenge. Your traditional Ethernet infrastructure can support speeds of up to 1 Gigabit per second (Gbps), but competing today requires much more capacity. One option is to completely replace your older cabling infrastructure and upgrade your hardware. But wouldn’t it be better to increase network speed and traffic capacity in a way that’s quick, inexpensive, and efficient?
Multigigabit Ethernet technology uses capabilities in your existing cabling infrastructure to meet bandwidth requirements and provide up to five times the performance of a 1G switch. The technology enables intermediate data rates of 2.5 and 5 Gbps to ease the jump from 1 Gbps to 10 Gbps. These intermediate rates run on most installed cables and preserve older Unshielded Twisted Pair (UTP) wiring, which is good for 802.11ac and 802.11ax wireless LAN applications.
The technology also supports Power over Ethernet (PoE), including PoE+ and 60W PoE. Cisco Multigigabit Ethernet switches help you avoid having to run multiple cables between switches and access points and let your networks welcome next-generation traffic speeds and data rates.
Easy configuration and management
Cisco 350X Series switches are designed to be easy to use and easy to manage by small business customers or the partners that serve them.
- Smart Network Application (SNA) is an innovative network-level monitoring and management tool embedded in the Cisco 100 to 500 Series switches. It can discover network topology, display link status, monitor events, apply configurations, and upgrade software images across multiple switches in the network.
- The FindIT Network Manager and Probe are designed to manage Cisco 100 to 500 Series switches, routers, and wireless access points. They let you proactively manage the network instead of just reacting to events. Cisco 350X Series switches support the embedded FindIT Network Probe, eliminating the need to set up a separate hardware or virtual machine on site. For more information, visit https://www.cisco.com/c/en/us/products/cloud-systems-management/findit-network-management/index.html.
- The FindIT Network Discovery Utility works through a simple toolbar on the user’s web browser to discover Cisco devices on the network and display basic device information, inventory, and new firmware updates to aid in the configuration and speed the deployment of Cisco Small Business products. For more information, visit https://www.cisco.com/c/en/us/products/cloud-systems-management/small-business-findit-network-discovery-utility/index.html.
- Simple or advanced-mode Graphical User Interfaces (GUIs) reduce the time required to deploy, troubleshoot, and manage the network. Configuration wizards simplify the most common configuration tasks and provide the ultimate tool for anyone to set up and manage the network.
- Cisco Smartports technology provides more advanced capabilities and hands-on control by automatically configuring ports with specific levels of security, Quality of Service (QoS), and availability according to the type of connected device, based on Cisco best practices and pretested configurations. The Auto Smartports feature automatically applies the intelligence delivered through the Smartports roles to the port based on the device types discovered over Cisco Discovery Protocol or Link Layer Discovery Protocol Media Endpoint Discovery (LLDP-MED). This capability facilitates zero-touch deployments.
- The USB port on the front panel of the switch enables easy image and configuration transfer for faster deployment or upgrades.
Power over Ethernet Plus (PoE+) and 60W PoE
PoE technology simplifies the deployment of IP phones and wireless access points by allowing you to connect and power network endpoints over a single Ethernet cable, without having to install separate power supplies. The 350X Series switches support 15W PoE and 30W PoE+. The switches also support 60W PoE on selected ports to power compact switches, high-power wireless access points, or connected lighting. The PoE power is intelligently managed such that only the amount of power needed by an endpoint is delivered to it and none is wasted. As a result, the switches can support devices that require more power, such as 802.11ac wireless access points, video-based IP phones, surveillance cameras, and more. The PoE features in the 350X Series switches are also fully backward compatible with 802.3af PoE, 802.3at PoE+, and Cisco legacy PoE protocols.
High reliability and resiliency
In a growing business where availability 24 hours a day, 7 days a week is critical, you need to assure that employees can always access the data and resources they need. In these environments, stackable switches can play an important role in minimizing downtime and improving network resiliency. For example, if the master switch within a Cisco 350X Series stack fails, another switch takes over, keeping your network up and running. You can also replace individual devices in the stack without taking your whole network offline or affecting employee productivity.
The Cisco 350X Series also supports dual images, allowing you to perform software upgrades without having to worry about the network going down during the upgrade.
Simplified IT operation
Cisco 350X Series switches help optimize your IT operations with built-in features that simplify and streamline day-to-day network operation:
- True stacking allows you to troubleshoot, configure, and manage multiple physical switches as a single entity.
- Cisco switches use common chipsets and software across all switching portfolios, so all Cisco switches within a category support the same feature set, making it easier to manage and support all switches across the network.
True stacking
Some switches claim to support stacking, but they only support “clustering” or “virtual stacking,” which means each switch must still be managed and configured individually. They cannot be managed as a single entity or device. Cisco 350X Series switches provide true horizontal stacking, enabling you to configure, manage, and troubleshoot multiple physical switches as a single device, with a single IP address, for up to four units and up to 208 ports.
A true horizontal stack delivers a unified data and control plane, in addition to a management plane, providing flexibility, scalability, and ease of use because the stack of units operates as a single entity constituting all the ports of the stack members. This capability can radically reduce complexity in a growing network environment while improving the resiliency and availability of network applications. True stacking also provides other cost savings and administrative benefits through features such as cross-stack QoS, Virtual LANs (VLANs), Link Aggregation Groups (LAGs), and port mirroring, which clustered switches can’t support.
Strong security
Cisco 350X Series switches provide the advanced security features you need to protect your business data and keep unauthorized users off the network:
- Embedded Secure Sockets Layer (SSL) encryption protects management data traveling to and from the switch.
- Extensive Access Control Lists (ACLs) restrict sensitive portions of the network to keep out unauthorized users and guard against network attacks.
- Guest VLANs let you provide Internet connectivity to nonemployee users while isolating critical business services from guest traffic.
- Support for advanced network security applications such as IEEE 802.1X port security tightly limits access to specific segments of your network. Web-based authentication provides a consistent interface to authenticate all types of host devices and operating systems, without the complexity of deploying 802.1X clients on each endpoint.
- Advanced defense mechanisms, including dynamic Address Resolution Protocol (ARP) inspection, IP Source Guard, and Dynamic Host Configuration Protocol (DHCP) snooping, detect and block deliberate network attacks. Combinations of these protocols are also referred to as IP-MAC Port Binding (IPMB).
- IPv6 First Hop Security extends advanced threat protection to IPv6. This comprehensive security suite includes Neighbor Discovery (ND) inspection, Router Advertisement (RA) guard, DHCPv6 guard, and neighbor binding integrity check, providing unparalleled protection against a vast range of address spoofing and man-in-the-middle attacks on IPv6 networks.
- Time-based ACLs and port operation restrict access to the network during predesignated times such as business hours.
- Uniform MAC address-based security can be applied automatically to mobile users as they roam between wireless access points.
- Secure Core Technology (SCT) helps ensure that the switch is able to process management traffic in the face of a Denial-of-Service (DoS) attack.
- Private VLAN Edge (PVE) provides Layer 2 isolation between devices on the same VLAN.
- Storm control can be applied to broadcast, multicast, and unknown unicast traffic.
- Protection of management sessions occurs using RADIUS, TACACS+, and local database authentication as well as secure management sessions over SSL, Secure Shell (SSH), and Simple Network Management Protocol (SNMP) v3.
- DoS attack prevention maximizes network uptime in the presence of an attack.
IPv6 support
As the IP address scheme evolves to accommodate a growing number of network devices, the Cisco 350X Series can support the transition to the next generation of networking and operating systems such as Windows 7, Vista, and Linux. These switches continue to support previous-generation IPv4, allowing you to evolve to the new IPv6 standard at your own pace, and helping ensure that your current network will continue to support your business applications in the future. Cisco 350X Series switches have successfully completed rigorous IPv6 testing and have received the USGv6 and IPv6 Gold certification.
Advanced Layer 3 traffic management
The Cisco 350X Series enables a more advanced set of traffic management capabilities to help growing businesses organize their networks more effectively and efficiently. The switches provide static LAN Layer 3 routing, allowing you to segment your network into workgroups and communicate across VLANs without degrading application performance. With these capabilities, you can boost the efficiency of your network by offloading internal traffic-handling tasks from your router and allowing it to manage primarily external traffic and security.
Power efficiency
The Cisco 350X Series integrates a variety of power-saving features across all models, providing the industry’s most extensive energy-efficient switching portfolio. These switches are designed to conserve energy by optimizing power use, which helps protects the environment and reduce your energy costs. They provide an eco-friendly network solution without compromising performance. Cisco 350X Series switches feature:
- Support for the Energy Efficient Ethernet (IEEE 802.3az) standard, which reduces energy consumption by monitoring the amount of traffic on an active link and putting the link into a sleep state during quiet periods
- The latest Application-Specific Integrated Circuits (ASICs), which use low-power 28-nanometer technology and low-power, high-performance ARM CPUs
- Automatic power shutoff on ports when a link is down
- LEDs that can be turned off to save power
- Embedded intelligence to adjust signal strength based on the length of the connecting cable
Networkwide automatic voice deployment
Using a combination of Cisco Discovery Protocol, LLDP-MED, Auto Smartports, and Voice Services Discovery Protocol (VSDP, a unique Cisco protocol), customers can deploy an end-to-end voice network dynamically. The switches in the network automatically converge around a single voice VLAN and QoS parameters and then propagate them out to the phones on the ports, where they are discovered. For example, automated voice VLAN capabilities let you plug any IP phone (including third-party phones) into your IP telephony network and receive an immediate dial tone. The switch automatically configures the device with the right VLAN and QoS parameters to prioritize voice traffic.
Peace of mind and investment protection
Cisco 350X Series switches offer the reliable performance and peace of mind you expect from a Cisco switch. When you invest in the Cisco 350X Series, you gain the benefit of:
- Limited lifetime warranty with Next-Business-Day (NBD) advance replacement (where available; otherwise same day shipping)
- A solution that has been rigorously tested to help ensure optimal network uptime to keep employees connected to primary resources and productive
- A solution designed and tested to easily and fully integrate with other Cisco voice, unified communications, security, and networking products, as part of a comprehensive technology platform for your business
Cisco limited lifetime hardware warranty
Cisco 350X Series switches offer a limited lifetime hardware warranty with NBD advance replacement (where available; otherwise same day shipping) and a limited lifetime warranty for fans and power supplies.
In addition, Cisco offers software application updates for bug fixes for the warranty term and telephone technical support at no charge for the first 12 months following the date of purchase. To download software updates, go to https://software.cisco.com/download/navigator.html.
Product warranty terms and other information applicable to Cisco products are available at https://www.cisco.com/go/warranty.
World-class service and support
Your time is valuable, especially when you have a problem affecting your business. Cisco 350X Series switches are backed by the Cisco Smart Net Total Care® Service, which provides affordable peace-of-mind coverage. This subscription-based service helps you protect your investment and derive maximum value from Cisco Small Business products. Delivered by Cisco and backed by your trusted partner, this comprehensive service includes software updates and access to the Cisco Support Center, and it extends technical service to three years.
Cisco Small Business products are supported by professionals in the Cisco Support Center, a dedicated resource for small business customers and networks, with locations worldwide that are specifically trained to understand your needs. You also have access to extensive technical and product information through the Cisco Support Community, an online forum that enables you to collaborate with your peers and reach Cisco technical experts for support information.
Product specifications
Performance
Switching capacity and forwarding rate. All switches are wire speed and nonblocking
- Capacity in Mpps (64-byte packets) : 178.56
- Switching capacity (Gbps) : 240
Layer 2 switching
- Spanning Tree Protocol :
- Standard 802.1d spanning tree support
- Fast convergence using 802.1w (Rapid Spanning Tree Protocol [RSTP]), enabled by default
- Multiple spanning tree instances using 802.1s (MSTP); 8 instances are supported
- Per-VLAN Spanning Tree Plus (PVST+); 126 instances are supported
- Rapid PVST+ (RPVST+); 126 instances are supported
- Port grouping and link aggregation : Support for IEEE 802.3ad Link Aggregation Control Protocol (LACP)
- Up to 8 groups
- Up to 8 ports per group with 16 candidate ports for each (dynamic) 802.3ad LAG
- VLAN :
- Support for up to 4094 active VLANs simultaneously; port-based and 802.1Q tag-based VLANs; MAC-based VLAN
- Management VLAN
- Private VLAN with promiscuous, isolated, and community port
- Guest VLAN, unauthenticated VLAN, protocol-based VLAN, IP subnet-based VLAN, CPE VLAN
- Dynamic VLAN assignment using RADIUS server along with 802.1X client authentication
- Voice VLAN : Voice traffic is automatically assigned to a voice-specific VLAN and treated with appropriate levels of QoS. Auto voice capabilities deliver networkwide zero-touch deployment of voice endpoints and call control devices
- Multicast TV VLAN : Multicast TV VLAN allows the single multicast VLAN to be shared in the network while subscribers remain in separate VLANs. This feature is also known as Multicast VLAN Registration (MVR)
- VLAN translation : Support for VLAN One-to-One Mapping. In VLAN One-to-One Mapping, on an edge interface, Customer VLANs (C-VLANs) are mapped to service provider VLANs (S-VLANs) and the original C-VLAN tags are replaced by the specified S-VLAN
- Q-in-Q : VLANs transparently cross over a service provider network while isolating traffic among customers
- Selective Q-in-Q :
- Selective Q-in-Q is an enhancement to the basic Q-in-Q feature and provides, per edge interface, multiple mappings of different C-VLANs to separate S-VLANs
- Selective Q-in-Q also allows configuration of the EtherType (TPID) of the S-VLAN tag
- Layer 2 protocol tunneling over Q-in-Q is also supported
- GVRP/GARP : Generic VLAN Registration Protocol (GVRP) and Generic Attribute Registration Protocol (GARP) enable automatic propagation and configuration of VLANs in a bridged domain
- UDLD : Unidirectional Link Detection (UDLD) monitors physical connections to detect unidirectional links caused by incorrect wiring or port faults to prevent forwarding loops and blackholing of traffic in switched networks
- DHCP relay at Layer 2 : Relay of DHCP traffic to a DHCP server in a different VLAN. Works with DHCP option 82
- IGMP (versions 1, 2, and 3) snooping : Internet Group Management Protocol (IGMP) limits bandwidth-intensive multicast traffic to only the requesters; it supports 4000 multicast groups (source-specific multicasting is also supported)
- IGMP querier : Used to support a Layer 2 multicast domain of snooping switches in the absence of a multicast router
- HOL blocking : Head-Of-Line (HOL) blocking
Layer 3
- IPv4 routing
- Wirespeed routing of IPv4 packets
- Up to 990 static routes and up to 128 IP interfaces
- Wirespeed IPv6 static routing : Up to 245 static routes and up to 106 IPv6 interfaces
- Layer 3 interface : Configuration of Layer 3 interface on physical port, LAG, VLAN interface, or loopback interface
- CIDR : Support for Classless Interdomain Routing (CIDR)
- DHCP server :
- Switch functions as an IPv4 DHCP server serving IP addresses for multiple DHCP pools and scopes
- Support for DHCP options
- DHCP relay at Layer 3 : Relay of DHCP traffic across IP domains
- User Datagram Protocol (UDP) relay : Relay of broadcast information across Layer 3 domains for application discovery or relaying of BOOTP/DHCP packets
Stacking
- Hardware stack : Up to four units in a stack. Up to 208 ports managed as a single system with hardware failover
- High availability : Fast stack failover delivers minimal traffic loss. Supports link aggregation across multiple units in a stack
- Plug-and-play stacking configuration and management :
- Master and backup for resilient stack control
- Auto-numbering
- Hot swap of units in stack
- Ring and chain stacking options, auto-stacking port speed, flexible stacking port options
- High-speed stack interconnects : Cost-effective high-speed 10G fiber and copper interfaces. Support LAG as stacking interconnects for even higher bandwidth
- Hybrid stack : A mix of SG350X, SG350XG, and SX350X switches in the same stack (Gigabit and 10 Gigabit Ethernet)
Security
- SSH : Secure Shell (SSH) is a secure replacement for Telnet traffic. Secure Copy (SCP) also uses SSH. SSH versions 1 and 2 are supported
- SSL : Secure Sockets Layer (SSL) encrypts all HTTPS traffic, allowing secure access to the browser-based management GUI in the switch
- IEEE 802.1X (authenticator role) :
- RADIUS authentication and accounting, MD5 hash, guest VLAN, unauthenticated VLAN, single- and multiple-host mode, and single and multiple sessions
- Supports time-based 802.1X dynamic VLAN assignment
- IEEE 802.1X supplicant : A switch can be configured to act as a supplicant to another switch. This enables extended secure access in areas outside the wiring closet (such as conference rooms)
- Web-based authentication : Web-based authentication provides Network Admission Control (NAC) through a web browser to any host devices and operating systems
- STP BPDU Guard : A security mechanism to protect the networks from invalid configurations. A port enabled for Bridge Protocol Data Unit (BPDU) Guard is shut down if a BPDU message is received on that port. This avoids accidental topology loops
- STP Root Guard : Prevents edge devices not in the network administrator’s control from becoming Spanning Tree Protocol root nodes
- DHCP snooping : Filters out DHCP messages with unregistered IP addresses and/or from unexpected or untrusted interfaces. This prevents rogue devices from behaving as DHCP servers
- IP Source Guard (IPSG) : When IPSG is enabled at a port, the switch filters out IP packets received from the port if the source IP addresses of the packets have not been statically configured or dynamically learned from DHCP snooping. This prevents IP address spoofing
- Dynamic ARP Inspection (DAI) : The switch discards ARP packets from a port if there are no static or dynamic IP/MAC bindings or if there is a discrepancy between the source or destination address in the ARP packet. This prevents man-in-the-middle attacks
- IP/MAC/Port Binding (IPMB) : The preceding features (DHCP snooping, IPSG, and DAI) work together to prevent DoS attacks in the network, thereby increasing network availability
- Secure Core Technology (SCT) : Makes sure that the switch will receive and process management and protocol traffic no matter how much traffic is received
- Secure Sensitive Data (SSD) : A mechanism to manage sensitive data (such as passwords, keys, and so on) securely on the switch, populating this data to other devices and secure auto-configuration. Access to view the sensitive data as plain text or encrypted is provided according to the user-configured access level and the access method of the user
- Trustworthy systems :
- Trustworthy systems provide a highly secure foundation for Cisco products
- Run-time defenses (Executable Space Protection [X-Space], Address Space Layout Randomization [ASLR], Built-In Object Size Checking [BOSC])
- Image signing and Secure Boot on select models (SG350X-12PMV, SG350X-24PV, SG350X-48PV, and all SX350X models)
- Private VLAN : Provides security and isolation between switch ports, which helps ensure that users cannot snoop on other users’ traffic; supports multiple uplinks
- Port security : Provides the ability to lock source MAC addresses to ports and limit the number of learned MAC addresses
- RADIUS and TACACS+ : Supports RADIUS and TACACS authentication. Switch functions as a client
- RADIUS accounting : The RADIUS accounting functions allow data to be sent at the start and end of services, indicating the amount of resources (such as time, packets, bytes, and so on) used during the session
- Storm control : Broadcast, multicast, and unknown unicast
- DoS prevention : Denial-of-Service (DoS) attack prevention
- Multiple user privilege levels in Command-Line Interface (CLI) : Level 1, 7, and 15 privilege levels
- ACLs
- Support for up to 1000 entries for SG350X models
- Support for up to 2000 entries for all other models
- Drop or rate limit based on source and destination MAC, VLAN ID or IP address, protocol, port, DSCP/IP precedence, TCP/UDP source and destination ports, 802.1p priority, Ethernet type, Internet Control Message Protocol (ICMP) packets, IGMP packets, TCP flag. ACLs can be applied on both ingress and egress sides
- Time-based ACLs are supported
Quality of service
- Priority levels : 8 hardware queues
- Scheduling : Strict priority and Weighted Round-Robin (WRR)
- Class of service :
- Port based; 802.1p VLAN priority based; IPv4/v6 IP precedence, Type of Service (ToS), and DSCP based; DiffServ; classification and remarking ACLs, trusted QoS
- Queue assignment based on Differentiated Services Code Point (DSCP) and class of service (802.1p/CoS)
- Rate limiting : Ingress policer; egress shaping and ingress rate control; per VLAN, per port, and flow based; Two-Rate Three-Color (2R3C) policing
- Congestion avoidance : A TCP congestion avoidance algorithm is required to minimize and prevent global TCP loss synchronization
- iSCSI traffic optimization : A mechanism for giving priority to SCSI over IP (iSCSI) traffic over other types of traffic
Standards
- Standards : IEEE 802.3 10BASE-T Ethernet, IEEE 802.3u 100BASE-TX Fast Ethernet, IEEE 802.3ab 1000BASE-T Gigabit Ethernet, IEEE 802.3bz 2.5GBase-T and 5GBase-T, IEEE 802.3ad Link Aggregation Control Protocol, IEEE 802.3z Gigabit Ethernet, IEEE 802.3ae 10 Gbit/s Ethernet over fiber for LAN, IEEE 802.3an 10GBase-T 10 Gbit/s Ethernet over copper twisted pair cable, IEEE 802.3x Flow Control, IEEE 802.1D (STP, GARP, and GVRP), IEEE 802.1Q/p VLAN, IEEE 802.1w Rapid STP, IEEE 802.1s Multiple STP, IEEE 802.1X Port Access Authentication, IEEE 802.3af, IEEE 802.3at, IEEE 802.1AB Link Layer Discovery Protocol, IEEE 802.3az Energy Efficient Ethernet, NBASE-T, RFC 768, RFC 783, RFC 791, RFC 792, RFC 793, RFC 813, RFC 826, RFC 879, RFC 896, RFC 854, RFC 855, RFC 856, RFC 858, RFC 894, RFC 919, RFC 920, RFC 922, RFC 950, RFC 951, RFC 1042, RFC 1071, RFC 1123, RFC 1141, RFC 1155, RFC 1157, RFC 1213, RFC 1215, RFC 1286, RFC 1350, RFC 1442, RFC 1451, RFC 1493, RFC 1533, RFC 1541, RFC 1542, RFC 1573, RFC 1624, RFC 1643, RFC 1700, RFC 1757, RFC 1867, RFC 1907, RFC 2011, RFC 2012, RFC 2013, RFC 2030, RFC 2131, RFC 2132, RFC 2233, RFC 2576, RFC 2616, RFC 2618, RFC 2665, RFC 2666, RFC 2674, RFC 2737, RFC 2819, RFC 2863, RFC 3164, RFC 3176, RFC 3411, RFC 3412, RFC 3413, RFC 3414, RFC 3415, RFC 3416, RFC 4330
IPv6
- IPv6
- IPv6 host mode IPv6 over Ethernet dual IPv6/IPv4 stack
- IPv6 neighbor and router discovery (ND), IPv6 stateless address auto-configuration, path Maximum Transmission Unit (MTU) discovery
- Duplicate Address Detection (DAD) ICMP v6
- IPv6 over IPv4 network with Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) tunnel support
- USGv6 and IPv6 Gold logo certified
- IPv6 QoS : Prioritize IPv6 packets in hardware
- IPv6 ACL : Drop or rate-limit IPv6 packets in hardware
- IPv6 First Hop Security
- RA guard
- ND inspection
- DHCP v6 guard
- Neighbor binding table (snooping and static entries)
- Neighbor binding integrity check
- Multicast Listener Discovery (MLD v1/2) snooping : Deliver IPv6 multicast packets only to the required receivers
- IPv6 applications : Web/SSL, Telnet Server/SSH, Ping, Traceroute, Simple Network Time Protocol (SNTP), Trivial FTP (TFTP), SNMP, RADIUS, Syslog, DNS client, DHCP Client, DHCP Autoconfig, IPv6 DHCP Relay, TACACS
- IPv6 RFC supported
- RFC 4443 (which obsoletes RFC 2463): ICMP v6
- RFC 4291 (which obsoletes RFC 3513): IPv6 address architecture
- RFC 4291: IP Version 6 Addressing Architecture
- RFC 2460: IPv6 Specification
- RFC 4861 (which obsoletes RFC 2461): Neighbor Discovery for IPv6
- RFC 4862 (which obsoletes RFC 2462): IPv6 Stateless Address Autoconfiguration
- RFC 1981: Path MTU Discovery
- RFC 4007: IPv6 Scoped Address Architecture
- RFC 3484: Default address selection mechanism
- RFC 5214 (which obsoletes RFC 4214): ISATAP tunneling
- RFC 4293; MIB IPv6: Textual Conventions and General Group
- RFC 3595; Textual Conventions for IPv6 Flow Label
Management
- Web user interface
- Built-in switch configuration utility for easy browser-based device configuration (HTTP/HTTPS)
- Supports simple and advanced mode, configuration, wizards, customizable dashboard, system maintenance, monitoring, online help, and universal search
- Smart Network Application : An innovative network-level monitoring and management tool embedded in Cisco 250 to 550X Series switches. It can discover network topology, display link status, monitor events, apply configurations, and upgrade software images across multiple switches in the network
- SNMP : SNMP versions 1, 2c, and 3 with support for traps, and SNMP v3 User-based Security Model (USM)
- Standard MIBs
- lldp-MIB
- lldpextdot1-MIB
- lldpextdot3-MIB
- lldpextmed-MIB
- rfc2674-MIB
- rfc2575-MIB
- rfc2573-MIB
- rfc2233-MIB
- rfc2013-MIB
- rfc2012-MIB
- rfc2011-MIB
- RFC-1212
- RFC-1215
- SNMPv2-CONF
- SNMPv2-TC
- p-bridge-MIB
- q-bridge-MIB
- rfc1389-MIB
- rfc1493-MIB
- rfc1611-MIB
- rfc1612-MIB
- rfc1850-MIB
- rfc1907-MIB
- rfc2571-MIB
- rfc2572-MIB
- rfc2574-MIB
- rfc2576-MIB
- rfc2613-MIB
- rfc2665-MIB
- rfc2668-MIB
- rfc2737-MIB
- rfc2925-MIB
- rfc3621-MIB
- rfc4668-MIB
- rfc4670-MIB
- trunk-MIB
- tunnel-MIB
- udp-MIB
- draft-ietf-bridge-8021x-MIB
- draft-ietf-bridge-rstpmib-04-MIB
- draft-ietf-hubmib-etherif-mib-v3-00-MIB
- draft-ietf-syslog-device-MIB
- ianaaddrfamnumbers-MIB
- ianaifty-MIB
- ianaprot-MIB
- inet-address-MIB
- ip-forward-MIB
- ip-MIB
- RFC1155-SMI
- RFC1213-MIB
- SNMPv2-MIB
- SNMPv2-SMI
- SNMPv2-TM
- RMON-MIB
- rfc1724-MIB
- dcb-raj-DCBX-MIB-1108-MIB
- rfc1213-MIB
- rfc1757-MIB
- Private MIBs
- CISCOSB-lldp-MIB
- CISCOSB-brgmulticast-MIB
- CISCOSB-bridgemibobjects-MIB
- CISCOSB-bonjour-MIB
- CISCOSB-dhcpcl-MIB
- CISCOSB-MIB
- CISCOSB-wrandomtaildrop-MIB
- CISCOSB-traceroute-MIB
- CISCOSB-telnet-MIB
- CISCOSB-stormctrl-MIB
- CISCOSBssh-MIB
- CISCOSB-socket-MIB
- CISCOSB-sntp-MIB
- CISCOSB-smon-MIB
- CISCOSB-phy-MIB
- CISCOSB-multisessionterminal-MIB
- CISCOSB-mri-MIB
- CISCOSB-jumboframes-MIB
- CISCOSB-gvrp-MIB
- CISCOSB-endofmib-MIB
- CISCOSB-dot1x-MIB
- CISCOSB-deviceparams-MIB
- CISCOSB-cli-MIB
- CISCOSB-cdb-MIB
- CISCOSB-brgmacswitch-MIB
- CISCOSB-3sw2swtables-MIB
- CISCOSB-smartports-MIB
- CISCOSB-tbi-MIB
- CISCOSB-macbaseprio-MIB
- CISCOSB-env_mib-MIB
- CISCOSB-policy-MIB
- CISCOSB-sensor-MIB
- CISCOSB-aaa-MIB
- CISCOSB-application-MIB
- CISCOSB-bridgesecurity-MIB
- CISCOSB-copy-MIB
- CISCOSB-CpuCounters-MIB
- CISCOSB-Custom1BonjourService-MIB
- CISCOSB-dhcp-MIB
- CISCOSB-dlf-MIB
- CISCOSB-dnscl-MIB
- CISCOSB-embweb-MIB
- CISCOSB-fft-MIB
- CISCOSB-file-MIB CISCOSB-greeneth-MIB
- CISCOSB-interfaces-MIB
- CISCOSB-interfaces_recovery-MIB
- CISCOSB-ip-MIB
- CISCOSB-iprouter-MIB
- CISCOSB-ipv6-MIB
- CISCOSB-mnginf-MIB
- CISCOSB-lcli-MIB
- CISCOSB-iprouter-MIB
- CISCOSB-ipv6-MIB
- CISCOSB-mnginf-MIB
- CISCOSB-lcli-MIB
- CISCOSB-localization-MIB
- CISCOSB-mcmngr-MIB
- CISCOSB-localization-MIB
- CISCOSB-mcmngr-MIB
- CISCOSB-mng-MIB
- CISCOSB-physdescription-MIB
- CISCOSB-PoE-MIB
- CISCOSB-protectedport-MIB
- CISCOSB-rmon-MIB
- CISCOSB-rs232-MIB
- CISCOSB-SecuritySuite-MIB
- CISCOSB-snmp-MIB
- CISCOSB-specialbpdu-MIB
- CISCOSB-banner-MIB
- CISCOSB-syslog-MIB
- CISCOSB-TcpSession-MIB
- CISCOSB-traps-MIB
- CISCOSB-trunk-MIB
- CISCOSB-tuning-MIB
- CISCOSB-tunnel-MIB
- CISCOSB-udp-MIB
- CISCOSB-vlan-MIB
- CISCOSB-ipstdacl-MIB
- CISCOSB-eee-MIB
- CISCOSB-ssl-MIB
- CISCOSB-digitalkeymanage-MIB
- CISCOSB-qosclimib-MIB
- CISCOSB-tbp-MIB
- CISCOSB-stack-MIB
- CISCOSMB-MIB
- CISCOSB-secsd-MIB
- CISCOSB-draft-ietf-entmib-sensor-MIB
- CISCOSB-draft-ietf-syslog-device-MIB
- CISCOSB-rfc2925-MIB
- CISCO-SMI-MIB
- CISCOSB-DebugCapabilities-MIB
- CISCOSB-CDP-MIB
- CISCOSB-vlanVoice-MIB
- CISCOSB-EVENTS-MIB
- CISCOSB-sysmng-MIB
- CISCOSB-sct-MIB
- CISCO-TC-MIB
- CISCO-VTP-MIB
- CISCO-CDP-MIB
- RMON : Embedded Remote Monitoring (RMON) software agent supports four RMON groups (history, statistics, alarms, and events) for enhanced traffic management, monitoring, and analysis
- IPv4 and IPv6 dual stack : Coexistence of both protocol stacks to ease migration
- Firmware upgrade
- Web browser upgrade (HTTP/HTTPS) and TFTP and SCP
- Upgrade can be initiated through console port as well
- Dual images for resilient firmware upgrades
- Port mirroring : Traffic on a port or LAG can be mirrored to another port for analysis with a network analyzer or RMON probe. Up to 8 source ports can be mirrored to one destination port
- VLAN mirroring : Traffic from a VLAN can be mirrored to a port for analysis with a network analyzer or RMON probe. Up to 8 source VLANs can be mirrored to one destination port
- Flow-based redirection and mirroring : Redirect or mirror traffic to a destination port or mirroring session based on flow
- Remote Switch Port Analyzer (RSPAN) : Traffic can be mirrored across a Layer 2 domain to a remote port on a different switch for easier troubleshooting
- sFlow agent : Switch can export sFlow samples to external collectors. sFlow provides visibility into network traffic down to the flow level
- DHCP (options 12, 66, 67, 82, 129, and 150) : DHCP options facilitate tighter control from a central point (DHCP server), to obtain IP address, auto-configuration (with configuration file download), DHCP Relay, and host name
- Auto-configuration with secure copy (SCP) file download : Enables secure mass deployment with protection of sensitive data
- Text-editable configurations
- Config files can be edited with a text editor and downloaded to another switch, facilitating easier mass deployment
- Smartports : Simplifies configuration of QoS and security capabilities
- Auto Smartports : Automatically applies the intelligence delivered through the Smartports roles to the port based on the devices discovered over Cisco Discovery Protocol or LLDP-MED. This facilitates zero-touch deployments
- Secure Copy (SCP) : Securely transfers files to and from the switch
- Textview CLI : Scriptable CLI. A full CLI as well as a menu CLI are supported
- Cloud services : Support for Cisco FindIT Network Manager and Active Advisor
- Embedded FindIT Network Probe : Support for the embedded FindIT Network Probe running on the switch. Eliminates the need to set up a separate hardware or virtual machine for the FindIT Network Probe on site
- Cisco Network Plug and Play (PnP) agent :
- A simple, secure, unified, and integrated offering to ease new branch or campus device rollouts or for provisioning updates to an existing network. The solution provides a unified approach to provision Cisco routers, switches, and wireless devices with a near-zero-touch deployment experience
- Supports Cisco PnP Connect
- Localization : Localization of GUI and documentation into multiple languages
- Login banner : Configurable multiple banners for web as well as CLI
- Time-based port operation : Link up or down based on user-defined schedule (when the port is administratively up)
- Other management : Traceroute, single IP management, HTTP/HTTPS, SSH, RADIUS, port mirroring, TFTP upgrade, DHCP client, SNTP, Xmodem upgrade, cable diagnostics, Ping, syslog, Telnet client, SSH client, automatic time settings from management station
Green (power efficiency)
- Energy Detect : Automatically turns power off on RJ-45 port when the switch detects a link down. Active mode is resumed without loss of any packets when the switch detects the link is up
- Cable length detection : Adjusts the signal strength based on the cable length. Reduces the power consumption for shorter cables
- EEE compliant (802.3az) : Supports IEEE 802.3az on all 10 Gigabit Ethernet copper ports
- Disable port LEDs : LEDs can be manually turned off to save energy
General
- Jumbo frames : Frame sizes up to 9000 bytes. The default MTU is 2000
- MAC table :
- 32,000 addresses on SG350XG and SX350X models
- 16,000 addresses on all other models
Discovery
- Bonjour : The switch advertises itself using the Bonjour protocol
- LLDP (802.1ab) with LLDP-MED extensions : Link Layer Discovery Protocol (LLDP) allows the switch to advertise its identification, configuration, and capabilities to neighboring devices that store the data in a MIB. LLDP-MED is an enhancement to LLDP that adds the extensions needed for IP phones
- Cisco Discovery Protocol : The switch advertises itself using the Cisco Discovery Protocol. It also learns the connected device and its characteristics using Cisco Discovery Protocol
Product specifications
- Power consumption (worst case)
- Green power (mode) : EEE, Energy Detect, Short Reach
- System power consumption : 110V=63.9W, 220V=64.1W
- Power consumption (with PoE) : N/A
- Heat dissipation (BTU/hr) : 218.7
- Ports
- Total system ports : 10x 10G copper + 2x combo 10G copper/SFP+ + 1x 1G OOB management
- Network ports : 10x 10G
- Uplink ports : 2x 10G copper/SFP+ combo
- Total system ports : 10x 10G copper + 2x combo 10G copper/SFP+ + 1x 1G OOB management
- Console port : Cisco standard RJ-45 console port
- OOB management port : Dedicated Gigabit Ethernet management port for Out-Of-Band (OOB) management on SG350XG and SX350X models
- USB slot : USB Type A slot on the front panel of the switch for easy file and image management
- Buttons : Reset button
- Cabling type : UTP Category 5 or better; fiber options (Single-Mode Fiber [SMF] and Multimode Fiber [MMF]); coaxial SFP+
- LEDs : System, master, stack ID, link/speed per port
- Flash : 256 MB
- CPU
- 1.3-GHz and 800-MHz (dual-core) ARM for SG350XG and SX350X models
- 800-MHz ARM for all other models
- CPU memory : 512 MB
- Packet buffer : All numbers are aggregate across all ports because the buffers are dynamically shared: 3 MB
Environmental
- Unit dimensions (W x H x D) : 440 x 44 x 203 mm (17.3 x 1.73 x 8.0 in)
- Unit weight : 2.93 kg (6.46 lb)
- Power : 100 to 240V 47 to 63 Hz, internal, universal
- Certification : UL (UL 60950), CSA (CSA 22.2), CE mark, FCC Part 15 (CFR 47) Class A
- Operating temperature : 32° to 122°F (0° to 50°C)
- Storage temperature : -4° to 158°F (-20° to 70°C)
- Operating humidity : 10% to 90%, relative, noncondensing
- Storage humidity : 10% to 90%, relative, noncondensing
Acoustic noise and Mean Time Between Failures (MTBF)
- Fan (number) : 2
- Acoustic noise : 0°C to 25°C: 40.5 dB, 50°C: 51.8 dB
- MTBF at 50°C (122°F) (hours) : 341,232
Warranty : Limited lifetime with next-business-day advance replacement (where available, otherwise same day shipping)
Package contents
- Cisco 350X Series Stackable Managed Switch
- Power cord
- Mounting kit included with all models
- Console cable
- Quick Start Guide
Minimum requirements
- Web browser: Mozilla Firefox version 34 or later, Microsoft Internet Explorer version 9 or later, Chrome version 40 or later, Safari version 5 or later
- Category 5e Ethernet network cable for Gigabit Ethernet speeds at up to 100m; Category 6a Ethernet network cable for 10 Gigabit Ethernet speeds at up to 100m
- TCP/IP, network adapter, and network operating system (such as Microsoft Windows, Linux, or Mac OS X) installed