Cisco Switch SG500-28 L3 Managed Switch ขนาด 24 Port ความเร็ว Gigabit 10/100/1000Mbps , 2 พอร์ท Gigabit Combo RJ45/SFP ควบคุมการทำงานผ่าน Web
Total System Ports
24GE + 4 GE (5G Stacking)
24 ความเร็ว 10/100/1000Mbps
Combo Ports (RJ-45 + SFP)
2 combo Gigabit + 2 Port 1GB/ 5GB SFP
Switching Capacity in Millions of Packets per Second (mpps) (64-byte packets)
Switching Capacity in Gigabits per Second (Gbps)
Power over Ethernet (PoE)
Power Dedicated to PoE
Number of Ports That Support PoE
Layer 2 Switching
Spanning Tree Protocol
Standard 802.1d Spanning Tree SupportFast convergence using 802.1w (Rapid Spanning Tree [RSTP]), enabled by defaultMultiple spanning tree instances using 802.1s (MSTP). 16 instances are supported
Port grouping/link aggregation
Support for IEEE 802.3ad Link Aggregation Control Protocol (LACP)
Up to 32 groups
Up to 8 ports per group with 16 candidate ports for each (dynamic) 802.3ad LAG
Support for up to 4096 VLANs simultaneously Port-based and 802.1Q tag-based VLANs MAC-based VLANManagement VLANPVE (Private VLAN Edge), also known as Protected Port, with multiple uplinksGuest VLAN Unauthenticated VLAN Protocol-based VLAN CPE VLAN Dynamic VLAN assignment via Radius server along with 802.1x client authentication
Voice traffic is automatically assigned to a voice-specific VLAN and treated with appropriate levels of QoS. Auto voice capabilities deliver network-wide zero touch deployment of voice endpoints and call control devices.
DHCP Relay at Layer 2
Relay of DHCP traffic to DHCP server in a different VLAN. Works with DHCP Option 82.
Frames up to 9K (9216) bytes in length.
Wirespeed routing of IPv4 packets Up to 2K (2048) static routes and up to 256 IP interfaces
Wirespeed IPv6 Static Routing
Up to 2K (2048) static routes and up to 128 IPv6 interfaces
Layer 3 Interface
Configuration of layer 3 interface on physical port, LAG, VLAN interface or Loopback interface
RIP v2 (on 500X)
Support for Routing Information Protocol version 2, for dynamic routing
Switch functions as an IPv4 DHCP Server serving IP addresses for multiple DHCP pools/scopesSupport for DHCP options
Up to 8 units in a stack. Up to 416 ports managed as a single system with hardware failover.
Fast stack failover delivers minimal traffic loss.
Plug-and-play stacking configuration/management
Master/backup for resilient stack controlAuto-numberingHot swap of units in stackRing and chain stacking options Auto stacking port speed Flexible stacking port options
High-speed stack interconnects
Cost-effective 5G copper and high-speed 10G Fiber and Copper interfaces.
A mix of SF500, SG500, and SG500X in the same stack (10/100, Gigabit, and 10 Gigabit).
SSH is a secure replacement for Telnet traffic. SCP also uses SSH. SSH versions 1 and 2 are supported.
Secure Sockets Layer (SSL) encrypts all HTTPS traffic, allowing secure access to the browser-based management GUI in the switch.
Web based authentication provides network admission control through web browser to any host devices and operating systems.
STP BPDU Guard
A security mechanism to protect the networks from invalid configurations. A port enabled for Bridge Protocol Data Unit (BPDU) Guard is shut down if a BPDU message is received on that port. This avoids accidental topology loops.
STP Root Guard
This prevents edge devices not in the network administrator’s control from becoming Spanning Tree Protocol root nodes.
Filters out DHCP messages with unregistered IP addresses and/or from unexpected or untrusted interfaces. This prevents rogue devices from behaving as a DHCP Server.
IP Source Guard (IPSG)
When IP Source Guard is enabled at a port, the switch filters out IP packets received from the port if the source IP addresses of the packets have not been statically configured or dynamically learned from DHCP snooping. This prevents IP Address Spoofing.
Dynamic ARP Inspection (DAI)
The switch discards ARP packets from a port if there are no static or dynamic IP/MAC bindings or if there is a discrepancy between the source or destination address in the ARP packet. This prevents man-in-the-middle attacks.
IP/Mac/Port Binding (IPMB)
The features (DHCP Snooping, IP Source Guard, and Dynamic ARP Inspection) above work together to prevent DoS attacks in the network, thereby increasing network availability
Secure Core Technology (SCT)
Ensures that the switch will receive and process management and protocol traffic no matter how much traffic is received.
Secure Sensitive Data (SSD)
A mechanism to manage sensitive data (such as passwords, keys, etc.) securely on the switch, populating this data to other devices, and secure autoconfig. Access to view the sensitive data as plaintext or encrypted is provided according to the user configured access level and the access method of the user.
Layer 2 isolation (PVE) with community VLAN*
Private VLAN Edge provides security and isolation between switch ports, which helps ensure that users cannot snoop on other users’ traffic; supports multiple uplinks.
Ability to lock Source MAC addresses to ports, and limit the number of learned MAC addresses.
Supports RADIUS and TACACS authentication. Switch functions as a client.
The RADIUS accounting functions allow data to be sent at the start and end of services, indicating the amount of resources (such as time, packets, bytes, and so on) used during the session.
Broadcast, multicast, and unknown unicast.
Denial-of-Service (DoS) attack prevention.
Multiple user privilege levels in CLI
Levels 1, 7, and 15 privilege levels.
Support for up to 2K (2048) rules on 500 Series and 3K (3072) on 500X series.Drop or rate limit based on source and destination MAC, VLAN ID or IP address, protocol, port, DSCP/IP precedence, TCP/User Datagram Protocol (UDP) source and destination ports, 802.1p priority, Ethernet type, Internet Control Message Protocol (ICMP) packets, Internet Group Management Protocol (IGMP) packets, TCP flag.
Time-based ACLs supported.
Quality of Service
8 hardware queues
Strict Priority and weighted round-robin (WRR)
Class of service
Port based; 802.1p VLAN priority based; IPv4/v6 IP precedence/ToS/DSCP based; DiffServ; classification and re-marking ACLs, Trusted QoSQueue assignment based on differentiated services code point (DSCP) and class of service (802.1p/CoS)
gress policer; egress shaping and ingress rate control; per VLAN, per port, and flow based
IPv6 Host Mode IPv6 over Ethernet Dual IPv6/IPv4 stackIPv6 Neighbor and Router Discovery (ND) IPv6 Stateless Address Autoconfiguration Path MTU DiscoveryDuplicate Address Detection (DAD) ICMPv6IPv6 over IPv4 network with ISATAP tunnel supportUSGv6 and IPv6 Gold Logo certified
Prioritize IPv6 packets in hardware
Drop or Rate Limit IPv6 packets in hardware
Web user interface
Built-in switch configuration utility for easy browser-based device configuration (HTTP/HTTPS). Supports configuration, system dashboard, system maintenance and monitoring.
SNMP versions 1, 2c, and 3 with support for traps, and SNMP v3 User-based Security Model (USM)
Embedded RMON software agent supports 4 RMON groups (history, statistics, alarms, and events)for enhanced traffic management, monitoring, and analysis
Pv4 and IPv6 Dual Stack
Coexistence of both protocol stacks to ease migration
Traffic on a port can be mirrored to another port for analysis with a network analyzer or RMON probe. Up to 8 source ports can be mirrored to one destination port.
Traffic from a VLAN can be mirrored to a port for analysis with a network analyzer or RMON probe. Up to 8 source VLANs can be mirrored to one destination port.
Frame sizes up to 9K (9216) bytes. Supported on 10/100 and Gigabit Ethernet interfaces. The default MTU is 2K.
6K (16384) MAC addresses.
Power consumption (worst case)
System Power Consumption
Power Consumption (with PoE)
Heat Dissipation (BTU/hr)
440 x 44 x 350
100-240V 47-63 Hz, internal, universal
UL 60950), CSA (CSA 22.2), CE mark, FCC Part 15 (CFR 47) Class A