Switching capacity (All switches are wire-speed and nonblocking)Forwarding rate in millions of packets per second (mpps; 64-byte packets)95,23Switching capacity in Gigabits per second (Gbps)128Layer 2 switchingSpanning Tree Protocol (STP)Standard 802.1d spanning tree support
Fast convergence using 802.1w (Rapid Spanning Tree Protocol [RSTP]), enabled by default
Multiple spanning tree instances using 802.1s (MSTP); 8 instances are supported
Per-VLAN Spanning Tree Plus (PVST+); 126 instances are supported
Rapid PVST+ (RPVST+); 126 instances are supportedPort grouping/link aggregationSupport for IEEE 802.3ad Link Aggregation Control Protocol (LACP)
Up to 4 groups
Up to 8 ports per group with 16 candidate ports for each (dynamic) 802.3ad Link Aggregation Group (LAG)VLANSupport for up to 255 active VLANs simultaneously
Port-based and 802.1Q tag-based VLANs
Management VLAN
Guest VLANVoice VLANVoice traffic is automatically assigned to a voice-specific VLAN and treated with appropriate levels of QoS. Voice Services Discovery Protocol (VSDP) delivers networkwide zero-touch deployment of voice endpoints and call control devicesGeneric VLAN Registration Protocol (GVRP) and Generic Attribute Registration Protocol (GARP)Protocols for automatically propagating and configuring VLANs in a bridged domainIGMP (versions 1, 2, and 3) snoopingInternet Group Management Protocol (IGMP) limits bandwidth-intensive multicast traffic to only the requesters; supports 255 multicast groups (source-specific multicasting is also supported)IGMP querierUsed to support a Layer 2 multicast domain of snooping switches in the absence of a multicast routerHOL blockingHead-of-Line (HOL) blocking preventionLoopback detectionProvides protection against loops by transmitting loop protocol packets out of ports on which loop protection has been enabled. It operates independently of STP.Layer 3 routingIPv4 routingWire-speed routing of IPv4 packets
Up to 32 static routes and up to 16 IP interfacesIPv6 routingWire-speed routing of IPv6 packetsLayer 3 interfaceConfiguration of Layer 3 interface on physical port, LAG, VLAN interface, or loopback interfaceClassless Interdomain Routing (CIDR)Support for CIDRDynamic Host Configuration Protocol (DHCP) relay at Layer 3Relay of DHCP traffic across IP domainsUser Datagram Protocol (UDP) relayRelay of broadcast information across Layer 3 domains for application discovery or relaying of Bootstrap Protocol (BootP)/DHCP packetsSecuritySecure Sockets Layer (SSL)SSL encrypts all HTTPS traffic, allowing secure access to the browser-based management GUI in the switchSecure Shell (SSH) ProtocolSSH is a secure replacement for Telnet traffic. Secure Copy (SCP) also uses SSH. SSH v1 and v2 are supported.IEEE 802.1X (authenticator role)Remote Authentication Dial-In User Service (RADIUS) authentication, guest VLAN, single/multiple host mode, and single/multiple sessionsSTP loopback guardProvides additional protection against Layer 2 forwarding loops (STP loops)Secure Core Technology (SCT)Ensures that the switch will receive and process management and protocol traffic no matter how much traffic is receivedSecure Sensitive Data (SSD)A mechanism to manage sensitive data (such as passwords, keys, and so on) securely on the switch, populating this data to other devices, and secure autoconfig. Access to view the sensitive data as plain text or encrypted is provided according to the user-configured access level and the access method of the userTrustworthy systemsTrustworthy systems provide a highly secure foundation for Cisco products
Run-time defenses (Executable Space Protection [X-Space], Address Space Layout Randomization [ASLR], Built-In Object Size Checking [BOSC])Port securityAbility to lock source MAC addresses to ports and limit the number of learned MAC addressesRADIUSSupports RADIUS authentication for management access. Switch functions as a client.Storm controlBroadcast, multicast, and unknown unicastDoS preventionDenial-of-Service (DoS) attack preventionMultiple user privilege levels in CLILevel 1, 7, and 15 privilege levelsAccess Control Lists (ACLs)Support for up to 512 rules
Drop or rate limit based on source and destination MAC, VLAN ID or IPv4 or IPv6 address, IPv6 flow label, protocol, port, Differentiated Services Code Point (DSCP)/IP precedence, TCP/UDP source and destination ports, 802.1p priority, Ethernet type, Internet Control Message Protocol (ICMP) packets, IGMP packets, TCP flag; ACL can be applied on both ingress and egress sides
Time-based ACLs supportedQoSPriority levels8 hardware queuesSchedulingStrict priority and Weighted Round-Robin (WRR) queue assignment based on DSCP and class of service (802.1p/CoS)Class of servicePort based; 802.1p VLAN priority based; IPv4/v6 IP precedence/Type of Service (ToS)/DSCP based; Differentiated Services (DiffServ); classification and re-marking ACLs, trusted QoSRate limitingIngress policer; egress shaping and rate control; per VLAN, per port, and flow basedCongestion avoidanceA TCP congestion avoidance algorithm is required to reduce and prevent global TCP loss synchronizationStandardsStandardsIEEE 802.3 10BASE-T Ethernet, IEEE 802.3u 100BASE-TX Fast Ethernet, IEEE 802.3ab 1000BASE-T Gigabit Ethernet, IEEE 802.3ad Link Aggregation Control Protocol, IEEE 802.3z Gigabit Ethernet, IEEE 802.3x Flow Control, IEEE 802.3 ad LACP, IEEE 802.1D (STP), IEEE 802.1Q/p VLAN, IEEE 802.1w RSTP, IEEE 802.1s Multiple STP, IEEE 802.1X Port Access Authentication, IEEE 802.3af, IEEE 802.3at, RFC 768, RFC 783, RFC 791, RFC 792, RFC 793, RFC 813, RFC 879, RFC 896, RFC 826, RFC 854, RFC 855, RFC 856, RFC 858, RFC 894, RFC 919, RFC 920, RFC 922, RFC 950, RFC 951, RFC 1042, RFC 1071, RFC 1123, RFC 1141, RFC 1155, RFC 1157, RFC 1213, RFC 1215, RFC 1286, RFC 1350, RFC 1442, RFC 1451, RFC 1493, RFC 1533, RFC 1541, RFC 1542, RFC 1573, RFC 1624, RFC 1643, RFC 1700, RFC 1757, RFC 1867, RFC 1907, RFC 2011, RFC 2012, RFC 2013, RFC 2030, RFC 2131, RFC 2132, RFC 2233, RFC 2576, RFC 2616, RFC 2618, RFC 2665, RFC 2666, RFC 2674, RFC 2737, RFC 2819, RFC 2863, RFC 3164, RFC 3411, RFC 3412, RFC 3413, RFC 3414, RFC 3415, RFC 3416, RFC 4330IPv6IPv6IPv6 host mode
IPv6 over Ethernet
IPv6/IPv4 Dual Stack
IPv6 Neighbor Discovery (ND)
IPv6 stateless address auto configuration
Path Maximum Transmission Unit (MTU) discovery
Duplicate Address Detection (DAD)
Internet Control Message Protocol (ICMP) version 6
IPv6 over IPv4 network with Intrasite Automatic Tunnel Addressing Protocol (ISATAP) support
USGv6 and IPv6 Gold Logo certifiedIPv6 QoSPrioritize IPv6 packets in hardwareIPv6 ACLDrop or rate limit IPv6 packets in hardwareMulticast Listener Discovery (MLD v1/2) snoopingDeliver IPv6 multicast packets only to the required receiversIPv6 applicationsWeb/SSL, Telnet server/SSH, Ping, Traceroute, Simple Network Time Protocol (SNTP), Trivial File Transfer Protocol (TFTP), Simple Network Management Protocol (SNMP), Remote Authentication Dial-In User Service (RADIUS), Syslog, DNS client, DHCP client, DHCP autoconfigIPv6 RFCs supportedRFC 4443 (which obsoletes RFC 2463): ICMPv6
RFC 4291 (which obsoletes RFC 3513): IPv6 address architecture
RFC 4291: IPv6 Addressing Architecture
RFC 2460: IPv6 Specification
RFC 4861 (which obsoletes RFC 2461): Neighbor Discovery for IPv6
RFC 4862 (which obsoletes RFC 2462): IPv6 Stateless Address Autoconfiguration
RFC 1981: Path MTU Discovery
RFC 4007: IPv6 Scoped Address Architecture
RFC 3484: Default address selection mechanism
RFC 5214 (which obsoletes RFC 4214): ISATAP tunneling
RFC 4293: Management Information Base (MIB) IPv6: Textual Conventions and General Group
RFC 3595: Textual Conventions for IPv6 Flow LabelManagementCisco Business DashboardSupport for embedded probe for Cisco Business Dashboard running on the switch. Eliminates the need to set up a separate hardware or virtual machine for the Cisco Business Dashboard Probe on site.Cisco Business mobile appMobile app for Cisco Business Switch and Wireless products. Helps to set up a local network in minutes and provide easy management at your fingertips.Cisco Network Plug and Play (PnP) agentThe Cisco Network Plug and Play solution provides a simple, secure, unified, and integrated offering to ease new branch or campus device rollouts or for provisioning updates to an existing network. The solution provides a unified approach to provision Cisco routers, switches, and wireless devices with a near-zero-touch deployment experience.
Supports Cisco PnP ConnectWeb user interfaceBuilt-in switch configuration utility for easy browser-based device configuration (HTTP/HTTPS). Supports configuration, wizards, system dashboard, system maintenance, and monitoring
Basic and advanced mode for maximum operational efficiencySNMPSNMP versions 1, 2c, and 3 with support for traps, and SNMP v3 User-based Security Model (USM)Remote monitoring (RMON)Embedded RMON software agent supports 4 RMON groups (history, statistics, alarms, and events) for enhanced traffic management, monitoring, and analysisIPv4 and IPv6 dual stackCoexistence of both protocol stacks to ease migrationFirmware upgradeWeb browser upgrade (HTTP/HTTPS) and TFTP and upgrade over SCP running over SSH
Dual images for resilient firmware upgradesPort mirroringTraffic on a port can be mirrored to another port for analysis with a network analyzer or RMON probe. Up to 4 source ports can be mirrored to one destination portVLAN mirroringTraffic from a VLAN can be mirrored to a port for analysis with a network analyzer or RMON probe. Up to 4 source VLANs can be mirrored to one destination portDynamic Host Configuration Protocol (DHCP) (options 12, 59, 60, 66, 67, 125, 129, and 150)DHCP options facilitate tighter control from a central point (DHCP server), to obtain IP address, autoconfiguration (with configuration and image file download), DHCP Relay, and host nameSecure Copy (SCP)Securely transfers files to and from the switchAutoconfiguration with SCP file downloadEnables mass deployment with protection of sensitive dataText-editable configsConfig files can be edited with a text editor and downloaded to another switch, facilitating easier mass deploymentSmartportsSimplified configuration of QoS and security capabilitiesAuto SmartportsAutomatically applies the intelligence delivered through the Smartports roles to the port based on the devices discovered over Cisco Discovery Protocol or LLDP-MED. This facilitates zero-touch deployments.Text view Command-Line Interface (CLI)Scriptable CLI. A full CLI as well as a menu-based CLI is supported. User privilege levels 1, 7, and 15 are supported for the CLI.LocalizationLocalization of GUI and documentation into multiple languagesLogin bannerConfigurable multiple banners for web as well as CLIOther managementTraceroute; single IP management; HTTP/HTTPS; RADIUS; port mirroring; TFTP upgrade; DHCP client; Simple Network Time Protocol (SNTP); cable diagnostics; Ping; syslog; Telnet client (SSH secure support); automatic time settings from Management StationGreen (power efficiency)Energy detectAutomatically turns power off on RJ-45 port when detecting link down. Active mode is resumed without loss of any packets when the switch detects the link is upCable length detectionAdjusts the signal strength based on the cable length. Reduces the power consumption for shorter cablesEEE compliant (802.3az)Supports IEEE 802.3az on all copper Gigabit Ethernet portsDisable port LEDsLEDs can be manually turned off to save on energyTime-based port operationLink up or down based on user-defined schedule (when the port is administratively up)Time-based PoEPoE power can be on or off based on user-defined schedule to save energyGeneralJumbo framesFrame sizes up to 9K bytes. The default MTU is 2K bytesMAC table8K addressesDiscoveryBonjourThe switch advertises itself using the Bonjour protocolLink Layer Discovery Protocol (LLDP) (802.1ab) with LLDP-MED extensionsLink Layer Discovery Protocol (LLDP) allows the switch to advertise its identification, configuration, and capabilities to neighboring devices that store the data in a MIB. LLDP-MED is an enhancement to LLDP that adds the extensions needed for IP phonesCisco Discovery ProtocolThe switch advertises itself using the Cisco Discovery Protocol. It also learns the connected device and its characteristics using Cisco Discovery ProtocolPower over Ethernet802.3at PoE+ and 802.3af PoE delivered over any of the RJ-45 ports within the listed power budgetsThe following switches support 802.3at PoE+, 802.3af, and Cisco prestandard (legacy) PoE. Maximum power of 30.0W to any 10/100 or Gigabit Ethernet port, until the PoE budget for the switch is reached. The total power available for PoE per switch is as follows:Power dedicated to PoE370 WNumber of ports that support PoE24HardwarePower ConsumptionSystem power consumption110V=47.14W
220V=47.01WPower consumption (with PoE)110V=451.8W
220V=437.4WHeat dissipation (BTU/hr)1543.99PortsTotal system ports24 Gigabit Ethernet + 4 10 Gigabit EthernetRJ-45 ports24 Gigabit EthernetCombo ports (RJ-45 + SFP)4 SFP+Console portCisco Standard RJ45 console portUSB slotUSB Type-A slot on the front panel of the switch for easy file and image managementButtonsReset buttonCabling typeUnshielded Twisted Pair (UTP) Category 5e or better for 1000BASE-TLEDsSystem, Link/Act, PoE, SpeedFlash256 MBCPU800 MHz ARMDRAM512 MBPacket BufferPacket buffer1,5 MBSupported SFP ModulesMGBSX1Multimode fiberMGBLX1Single-mode fiberMGBLH1Single-mode fiberMGBT1UTP Category 5GLC-SX-MMDMultimode fiberGLC-LH-SMDSingle-mode fiberGLC-BX-USingle-mode fiberGLC-BX-DSingle-mode fiberGLC-TEUTP cat 5eSFP-H10GB-CU1MCopper coaxSFP-H10GB-CU3MCopper coaxSFP-H10GB-CU5MCopper coaxSFP-10G-SRMultimode fiberSFP-10G-LRSingle-mode fiberSFP-10G-SR-SMultimode fiberSFP-10G-LR-SSingle-mode fiberEnvironmentalUnit dimensions (W x D x H)445 x 345 x 44 mm (17.5 x 13.59 x 1.73 in)Unit weight4.6 kg (10.14 lb)Power100 to 240V 50 to 60 Hz, internal, universalCertificationsUL (UL 62368), CSA (CSA 22.2), CE mark, FCC Part 15 (CFR 47) Class AOperating temperature23° to 122°F (-5° to 50°CStorage temperature-13° to 158°F (-25° to 70°C)Operating humidity10% to 90%, relative, noncondensingStorage humidity10% to 90%, relative, noncondensingAcoustic Noise and Mean Time Between Failure (MTBF)Fan (number)1Acoustic noise25°C: 34.8 dBAMTBF @ 25°C (hours)698220WarrantyLimited lifetimePackage contentsPackage contentsCisco Business 250 Series Smart Switch
Power cord
Mounting kit
Quick start guide