2007/11/23

CE 500 smartport

Smartport Roles

The Smartports are preconfigured switch ports that provide preset Cisco recommended network enhancements, Quality of Service (QoS) and security. Catalyst Express 500 series switches have a number of Smartport roles. Each port role is just a configuration template. With these templates, users can consistently and reliably configure essential security, availably, and QoS features with minimal effort and expertise. Smartport roles simplify the configuration of critical features.

The port roles are based on the type of devices to be connected to the switch ports. For example, the Desktop port role is specifically for the switch ports that are connected to desktop or laptop PCs.

Smartport Role

Description

Desktop

Apply this role to ports that are connected to desktop devices, such as desktop PCs, workstations, notebook PCs, and other client-based hosts.

  • Optimized for desktop connectivity

  • Configurable VLAN setting

  • Port security enabled to limit unauthorized access to the network

Switch

Apply this role to ports that are connected to other switches.

  • Configured as an uplink port to a backbone switch for fast convergence

  • Enables 802.1Q trunking

  • Configurable native VLAN

Router

Apply this role to ports that are connected to WAN devices that connect to the Internet, such as routers and Layer 3 switches with routing service capabilities, firewalls, or VPN Concentrators.

  • Configured for optimal connection to a router or firewall for WAN connectivity

  • Enables 802.1Q trunking

  • Configurable native VLAN

IP Phone+Desktop

Apply this role to ports that are connected to IP phones.

A desktop device, such as a PC, can be connected to the IP phone. Both the IP phone and connected PC have access to the network and the Internet through the switch port. This role prioritizes voice traffic over data traffic to ensure clear voice reception on the IP phones.

  • Optimized QoS for IP Phone + Desktop configurations

  • Voice traffic is placed on Cisco-Voice VLAN

  • Configurable data VLAN

  • QoS level assures Voice over IP (VoIP) traffic takes precedence

  • Port security enabled to limit unauthorized access to the network

Access Point

Apply this role on switch ports that connect to non-Power over Ethernet (PoE) and PoE-capable wireless access points (APs). Connected to the AP are mobile devices, such as wireless laptop PCs.

  • Configured for optimal connection to a wireless access point

  • Enables 802.1Q trunking

  • Configurable native VLAN

Note: Functionality of Cisco Wireless Bridges are more similar to that of a switch. So, Cisco recommends the Switch smartport role for Wireless Bridges.

Server

Apply this role to ports that are connected to servers that provide network services, such as Exchange servers, collaborative servers, terminal servers, file servers, Dynamic Host Configuration Protocol (DHCP) servers, IP private branch exchange (PBX) servers, and so on. This role is for Gigabit or non-Gigabit ports, based on the server type to be connected.

  • Configurable VLAN

  • Port security enabled to limit unauthorized access to the network

This role prioritizes server traffic as trusted, critical, business, or standard, based on the function of the server.

  • Trusted—For use with Cisco CallManager Express. The same QoS setting as Voice (VoIP traffic is prioritized).

  • Critical—For critical servers with QoS set higher than the default.

  • Business—The default setting. QoS is higher than desktop Internet traffic.

  • Standard—For servers set to the same level as regular desktop Internet traffic.

Printer

Apply this role on switch ports that connect to a printer, such as a network printer or an external print server. This role prevents printer traffic from affecting voice and critical data traffic.

  • QoS settings for Printer are the same as Desktop, Access Point, and Standard Server

  • Configurable VLAN

  • Port security enabled to limit unauthorized access to the network

Guest

Apply this role to ports that are connected to desktop devices and to APs to provide guest wireless access.

  • Guests are allowed access to the Internet, but not to the company network.

  • All guest ports are placed on the Cisco-Guest VLAN.

  • Port security enabled to limit unauthorized access to the network.

Other

Apply this role on switch ports if you do not want to assign a specialized role on the port.

This role can be used on connections to guest or visitor devices, printers, desktops, servers, and IP phones. It allows for flexible connectivity of non-specified devices.

  • Configurable VLAN

  • No security policy

  • No QoS policy

Diagnostic

Customers can connect diagnostics devices to monitor traffic on other switches (can be configured using Cisco Network Assistant only).

張貼者:
標籤: