ACLs on Catalyst 2960 family

The documentation I've found on seems to imply that the Catalyst 2960 series can accommodate IP-based port ACLs. Is that really the case, or is this basically just an offering to tighten down security on accessing the management interface(s)?

Thanks, Mike

-- | Systems Specialist: CBE,MSE Michael T. Davis (Mike) | Departmental Networking/Computing

formatting link
| The Ohio State University | 197 Watts, (614) 292-6928

Reply to
Michael T. Davis
Loading thread data ...

I'm pretty sure a 2960 is a fully featured l3 switch, and therefore does support layer 3 ACLs just like any router. See this link/blurb:

formatting link
"To guard against denial-of-service (DoS) and other attacks, ACLs can be used to restrict access to sensitive portions of the network by denying packets based on source and destination MAC addresses, IP addresses, or TCP/User Datagram Protocol (UDP) ports. ACL lookups are done in hardware, so forwarding performance is not compromised when ACL-based security implemented."

Reply to

Catalyst 2960's are layer 2 switches

Cisco has two software offering for these switches: a) "Layer2+" b) LAN lite - i.e. basic layer 2 features

Part of the "layer2+" is the ability to configure access-lists

Reply to
Merv Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.