3850 series 24 Port gigabit ethernet IP Services Switch WS-C3850-24S-E
The Cisco Catalyst 3850 Series Switches support five optional network modules for uplink ports. The
default switch configuration does not include the network module. At the time of switch purchase the customer
has the flexibility to choose from the network modules described in Table 2.
Figure 5 shows the following network modules:
● 4 x Gigabit Ethernet with Small Form-Factor Pluggable (SFP) receptacles
● 2 x 10 Gigabit Ethernet with SFP+ or 4 x Gigabit Ethernet with SFP receptacles
● 4 x 10 Gigabit Ethernet with SFP+ receptacles (supported only on the 48-port Gigabit Ethernet models or
on the 12-port or higher 10 Gigabit Ethernet models)
| Product Code |
WS-C3850-24S-E |
| Enclosure Type |
1 RU |
| Feature Set |
IP Services |
| Network SFP uplink module selection |
C3850-NM-4-1G
C3850-NM-2-10G
|
| Ports |
24 × 10/100/1000 SFP Optical ports |
| Maximum stacking number |
9 |
| Stack bandwidth |
480 Gpbs |
| RAM |
4 GB |
| Flash Memory |
2 GB |
| Dimensions (WDH) |
44.5 cm x 45 cm x 4.45 cm |
Advanced Security Features
Cisco Catalyst 3850 Series Switches support advanced security features including but not limited to:
● Protection against attackers:
◦ Port security secures the access to an access or trunk port based on MAC address. It limits the number of learned MAC
addresses to deny MAC address flooding.
◦ DHCP snooping prevents malicious users from spoofing a DHCP server and sending out bogus addresses. This feature
is used by other primary security features to prevent a number of other attacks such as ARP poisoning.
◦ Dynamic ARP inspection (DAI) helps ensure user integrity by preventing malicious users from exploiting the insecure
nature of ARP.
◦ IP source guard prevents a malicious user from spoofing (that is, taking over) another user’s IP address by creating a
binding table between the client’s IP and MAC address, port, and VLAN, and by using it to selectively block bogus packets.
◦ The Unicast Reverse Path Forwarding (uRPF) feature helps mitigate problems caused by the introduction of malformed or
forged (spoofed) IP source addresses into a network by discarding IP packets that lack a verifiable IP source address.
◦ Bidirectional data support on a SPAN port allows the Cisco Intrusion Detection System (IDS) to take action when an intruder
is detected.
Your message must be between 20-3,000 characters!
