Cisco SG350-10P 10-Port Gigabit PoE Managed Switch

Cisco SG350-10P 10-Port Gigabit PoE Managed Switch

Category : Cisco Switches
Brand : Cisco
Model : SG350-10P


Easy-to-Use Managed Switches That Provide the Ideal Combination of Features and Affordability

To stay ahead in a competitive marketplace, businesses need to make every dollar count. That means getting the most value from your technology investments, but it also means making sure that employees have fast, reliable access to the business tools and information they need. Every minute an employee waits for an unresponsive application and every minute your network is down has an effect on your profits. The importance of maintaining a strong and dependable business network only grows as your business adds more employees, applications, and network complexity.
When your business needs advanced security and features but value is still a top consideration, you’re ready for the new generation of Cisco® Small Business managed switches:
Cisco 350 Series Switches

The Cisco 350 Series, part of the Cisco Small Business line of network solutions, is a portfolio of affordable managed switches that provides a reliable foundation for your business network. These switches deliver the features you need to improve the availability of your critical business applications, protect your sensitive information, and optimize your network bandwidth to deliver information and applications more effectively. Easy to set up and use, the Cisco 350 Series provides the ideal combination of affordability and capabilities for small businesses and helps you create a more efficient, better-connected workforce.
The Cisco 350 Series is a broad portfolio of fixed-configuration managed Ethernet switches. Models are available with 8 to 48 ports of Fast Ethernet and 10 to 52 ports of Gigabit Ethernet connectivity, providing optimal flexibility to create exactly the right network foundation for your business. However, unlike other small business switching solutions that provide managed network capabilities only in the costliest models, all Cisco 350 Series Switches support the advanced security management capabilities and network features you need to support business-class data, voice, security, and wireless technologies. At the same time, these switches are simple to deploy and configure, allowing you to take advantage of the managed network services your business needs.

Business applications

Whether you need a basic high-performance network to connect employee computers or a solution to deliver data, voice, and video services, the Cisco 350 Series offers a solution to meet your needs. Possible deployment scenarios include:
  • Secure desktop connectivity: Cisco 350 Series Switches can simply and securely connect employees working in small offices with each other and with all of the servers, printers, and other devices they use. High performance and reliable connectivity help speed file transfers and data processing, improve network uptime, and keep your employees connected and productive.
  • Secure wireless connectivity: With its advanced security features, Power over Ethernet, Auto Smartports, QoS, VLAN, and access control features, the Cisco 350 Series Switches are the perfect foundation to add business-grade wireless to a business network.
  • Unified communications: As a managed network solution, the Cisco 350 Series provides the performance and advanced traffic-handling intelligence you need to deliver all communications and data over a single network. Cisco offers a complete portfolio of IP telephony and other unified communications products designed for businesses. Cisco 350 Series Switches have been rigorously tested to help ensure easy integration and full compatibility with these and other products, providing a complete business solution.
  • Highly secure guest connectivity: Cisco 350 Series Switches let you extend highly secure network connectivity to guests in a variety of settings, such as a hotel, an office waiting room, or any other area open to nonemployee users. Using powerful but easy-to-configure security and traffic segmentation capabilities, you can isolate your vital business traffic from guest services and keep guests’ network sessions private from each other.

Features and benefits

Cisco 350 Series switches provide the advanced feature set that growing businesses require and that high-bandwidth applications and technologies demand. These switches can improve the availability of your critical applications, protect your business information, and optimize your network bandwidth to more effectively deliver information and support applications. The switches provide the following benefits.

Ease of management and deployment
Cisco 350 Series switches are designed to be easy to use and manage by commercial customers or the partners that serve them. They feature:
  • Cisco Smart Network Application (SNA) is an innovative network-level monitoring and management tool embedded in Cisco 100 to 500 Series switches. It can discover network topology, display link status, monitor events, apply configurations, and upgrade software images across multiple switches in the network.
  • The FindIT Network Manager and Probe are designed to manage Cisco 100 to 500 Series switches, routers, and wireless access points. The Manager lets you proactively manage the network instead of just reacting to events. FindIT Network Management is the perfect addition to your business network. For more information, visit
  • The Cisco FindIT Network Discovery Utility works through a simple toolbar on your web browser to discover Cisco devices on the network and display basic device information, inventory, and new firmware updates to aid in the configuration and speed the deployment of Cisco Small Business products. For more information, visit
  • The USB port on the front panel of the switch enables easy image and configuration transfer for faster deployment or upgrade.
  • Simple-to-use graphical interfaces reduce the time required to deploy, troubleshoot, and manage the network and allow you to support sophisticated capabilities without increasing IT head count.
  • The switches also support Textview, a full Command-Line Interface (CLI) option for partners that prefer it.
  • Using Auto Smartports intelligence, the switch can detect a network device connected to any port and automatically configure the optimal security, Quality of Service (QoS), and availability on that port.
  • Cisco Discovery Protocol discovers Cisco devices and allows devices to share critical configuration information, simplifying network setup and integration.
  • Support for Simple Network Management Protocol (SNMP) allows you to set up and manage your switches and other Cisco devices remotely from a network management station, improving IT workflow and mass configurations.
High reliability and resiliency
In a growing business where availability 24 hours a day, 7 days a week is critical, you need to assure that employees can always access the data and resources they need. The Cisco 350 Series supports dual images, allowing you to perform software upgrades without having to take the network offline or worry about the network going down during the upgrade.

Strong security
Cisco 350 Series switches provide the advanced security features you need to protect your business data and keep unauthorized users off the network:
  • Embedded Secure Sockets Layer (SSL) encryption protects management data traveling to and from the switch.
  • Extensive Access Control Lists (ACLs) restrict sensitive portions of the network to keep out unauthorized users and guard against network attacks.
  • Guest VLANs let you provide Internet connectivity to nonemployee users while isolating critical business services from guest traffic.
  • Support for advanced network security applications such as IEEE 802.1X port security tightly limits access to specific segments of your network. Web-based authentication provides a consistent interface to authenticate all types of host devices and operating systems, without the complexity of deploying IEEE 802.1X clients on each endpoint.
  • Advanced defense mechanisms, including dynamic Address Resolution Protocol (ARP) inspection, IP Source Guard, and Dynamic Host Configuration Protocol (DHCP) snooping, detect and block deliberate network attacks. Combinations of these protocols are also referred to as IP-MAC port binding (IPMB).
  • IPv6 First Hop Security extends the advanced threat protection to IPv6. This comprehensive security suite includes ND inspection, RA guard, DHCPv6 guard, and neighbor binding integrity check, providing unparalleled protection against a vast range of address spoofing and man-in-the-middle attacks on IPv6 networks.
  • Time-based ACLs and port operation restrict access to the network during predesignated times such as business hours.
  • Uniform MAC address-based security can be applied automatically to mobile users as they roam between wireless access points.
  • Secure Core Technology (SCT) helps ensure that the switch is able to process management traffic in the face of a Denial-of-Service (DoS) attack.
  • Private VLAN Edge (PVE) provides Layer 2 isolation between devices on the same VLAN.
  • Storm control can be applied to broadcast, multicast, and unknown unicast traffic.
  • Protection of management sessions occurs using RADIUS, TACACS+, and local database authentication as well as secure management sessions over SSL, SSH, and SNMPv3.
  • DoS attack prevention maximizes network uptime in the presence of an attack.
Power over Ethernet
Cisco 350 Series Switches are available with up to 48 PoE ports. This capability simplifies advanced technology deployments such as IP telephony, wireless, and IP surveillance by allowing you to connect and power network endpoints over a single Ethernet cable. With no need to install separate power supplies for IP phones or wireless access points, you can take advantage of advanced communications technologies more quickly and at a lower cost. Models support 802.3af PoE, 802.3at PoE+, and 60 Watt PoE.

Multigigabit performance
Network needs are changing quickly. Thanks to evolving wireless standards and the rising number of wireless devices, keeping up with data rates and growing traffic can be a challenge. Your traditional Ethernet infrastructure can support speeds up to 1 Gigabit per second (Gbps), but competing today requires much more capacity. One option is completely replacing your older cabling infrastructure and upgrading your hardware. But wouldn’t it be better to increase network speed and traffic capacity in a way that’s quick, inexpensive, and efficient?
Cisco’s new Multigigabit Ethernet switches offer just that: an easy-to-deploy, budget-friendly solution that allows you to increase network speed and bandwidth using your existing cables. By partnering with other industry leaders to form the NBASE-T Alliance, Cisco uses NBASE-T technology to help you get more out of your existing infrastructure. Save time and money by avoiding upgrades and extending the life of your installed cable plants. And discover the benefits of meeting consumer demand for increased bandwidth and speeds without a large initial investment.
Multigigabit Ethernet technology uses capabilities in your existing cabling infrastructure to meet bandwidth requirements and provide up to five times the performance. The technology enables intermediate data rates of 2.5 and 5 Gbps to ease the jump between traditional rates of 1 Gbps and 10 Gbps. These intermediate rates run on most installed cables and preserve older UTP wiring, which is good for 802.11ac wireless LAN applications.
The technology also supports Power over Ethernet (PoE) forms, including PoE+ and 60W PoE. Cisco Multigigabit Ethernet switches help you avoid having to run multiple cables between switches and access points and let your networks welcome next-generation traffic speeds and data rates.

Networkwide automatic voice deployment
Using a combination of Cisco Discovery Protocol, LLDP-MED, Auto Smartports, and Voice Services Discovery Protocol (or VSDP, a unique Cisco protocol), customers can deploy an end-to-end voice network dynamically. The switches in the network automatically converge around a single voice VLAN and QoS parameters and then propagate them out to the phones on the ports, where they are discovered. For example, automated voice VLAN capabilities let you plug any IP phone (including third-party phones) into your IP telephony network and receive an immediate dial tone. The switch automatically configures the device with the right VLAN and QoS parameters to prioritize voice traffic.

IPv6 support
As the IP address scheme evolves to accommodate a growing number of network devices, the Cisco 350 Series can support the transition to the next generation of networking and operating systems such as Windows 8, Vista, and Linux. These switches continue to support previous-generation IPv4, allowing you to evolve to the new IPv6 standard at your own pace and helping ensure that your current network will continue to support your business applications in the future. Cisco 350 Series switches have successfully completed rigorous IPv6 testing and have received the USGv6 and IPv6 Gold certification.

Advanced layer 3 traffic management
The Cisco 350 Series enables a more advanced set of traffic management capabilities to help growing businesses organize their networks more effectively and efficiently. For example, the switches provide static LAN Layer 3 routing, allowing you to segment your network into workgroups and communicate across VLANs without degrading application performance.
With these capabilities, you can boost the efficiency of your network by offloading internal traffic-handling tasks from your router and allowing it to manage primarily external traffic and security.

Power efficiency
The Cisco 350 Series integrates a variety of power-saving features across all models, providing the industry’s most extensive energy-efficient switching portfolio. These switches are designed to conserve energy by optimizing power use, which helps protects the environment and reduce your energy costs. They provide an eco-friendly network solution without compromising performance. Cisco 350 Series switches feature:
  • Support for the Energy Efficient Ethernet (IEEE 802.3az) standard, which reduces energy consumption by monitoring the amount of traffic on an active link and putting the link into a sleep state during quiet periods
  • The latest Application-Specific Integrated Circuits (ASICs)
  • Automatic power shutoff on ports when a link is down
  • LEDs that can be turned off to save power
  • Embedded intelligence to adjust signal strength based on the length of the connecting cable
Expansion ports
The Cisco 350 Series provides more ports per Gigabit Ethernet switch than traditional switch models, giving you more flexibility to connect and empower your business. Gigabit Ethernet models offer 28 to 52 ports to give you more value, versus the 24-port or 48-port varieties with four shared ports that’s common in the market. The Cisco 350 Series also offers small form-factor pluggable (SFP) expansion slots that give you the option to add fiber-optic or Gigabit Ethernet uplink connectivity to the switch. With the ability to increase the connectivity range of the switches, you have more flexibility to design your network around your unique business environment and to easily connect switches on different floors or across the business.

Peace of mind and investment protection
Cisco 350 Series switches offer the reliable performance and peace of mind you expect from a Cisco switch. When you invest in the Cisco 350 Series, you gain the benefits of:
  • Limited lifetime warranty with Next-Business-Day (NBD) advance replacement (where available; otherwise same day ship).
  • A solution that has been rigorously tested to help ensure optimal network uptime to keep employees connected to primary resources and productive.
  • A solution designed and tested to easily and fully integrate with other Cisco voice, unified communications, security, and networking products as part of a comprehensive technology platform for your business.
  • Complimentary software updates for bug fixes for the warranty term. To download software updates, go to
  • Telephone technical support at no charge for the first 12 months following the date of purchase.
  • Product warranty terms and other information applicable to Cisco products are available at
  • Cisco Small Business products are supported by professionals in Cisco Small Business Support Center locations worldwide who are specifically trained to understand your needs. The Cisco Small Business Support Community, an online forum, enables you to collaborate with your peers and reach Cisco technical experts for support information.
Cisco limited lifetime hardware warranty
Cisco 350 Series switches offer a limited lifetime hardware warranty with NBD advance replacement (where available; otherwise same day ship) and a limited lifetime warranty for fans and power supplies.
In addition, Cisco offers software application updates for bug fixes for the warranty term and telephone technical support at no charge for the first 12 months following the date of purchase. To download software updates, go to
Product warranty terms and other information applicable to Cisco products are available at

World-class service and support
Your time is valuable, especially when you have a problem affecting your business. Cisco 350 Series switches are backed by Cisco SMARTnet® Total Care™ which provides affordable peace-of-mind coverage. Delivered by Cisco and backed by your trusted partner, this comprehensive service includes software updates and access to the Cisco Support Center, and it extends technical service to three years.
Cisco SMB products are supported by professionals in the Cisco Support Center, a dedicated resource for small business customers and networks, with locations worldwide that are specifically trained to understand your needs. You also have access to extensive technical and product information through the Cisco Support Community, an online forum that enables you to collaborate with your peers and reach Cisco technical experts for support information.



  • Switching capacity and forwarding rate : All switches are wire speed and nonblocking
    • Capacity in Millions of Packets per Second (mpps) (64-byte packets) : 14.88
    • Switching Capacity in Gigabits per Second (Gbps) : 20.0

Layer 2 Switching

  • Spanning Tree Protocol
    • Standard 802.1d Spanning Tree support
    • Fast convergence using 802.1w (Rapid Spanning Tree [RSTP]), enabled by default
    • Multiple Spanning Tree instances using 802.1s (MSTP); 8 instances are supported
    • Per-VLAN Spanning Tree Plus (PVST+) and Rapid PVST+ (RPVST+); 126 instances are supported
  • Port grouping/link aggregation
    • Support for IEEE 802.3ad Link Aggregation Control Protocol (LACP)
    • Up to 8 groups
    • Up to 8 ports per group with 16 candidate ports for each (dynamic) 802.3ad link aggregation
  • VLAN
    • Support for up to 4,094 VLANs simultaneously
    • Port-based and 802.1Q tag-based VLANs; MAC-based VLAN; protocol-based VLAN; IP subnet-based VLAN,
    • Management VLAN
    • Private VLAN with promiscuous, isolated, and community port
    • Private VLAN Edge (PVE), also known as protected ports, with multiple uplinks
    • Guest VLAN; unauthenticated VLAN
    • Dynamic VLAN assignment via RADIUS server along with 802.1x client authentication
    • CPE VLAN
  • Voice VLAN
    • Voice traffic is automatically assigned to a voice-specific VLAN and treated with appropriate levels of QoS
    • Auto voice capabilities deliver networkwide zero-touch deployment of voice endpoints and call control devices
  • Multicast TV VLAN : Multicast TV VLAN allows the single multicast VLAN to be shared in the network while subscribers remain in separate VLANs. This feature is also known as Multicast VLAN Registration (MVR)
  • VLAN Translation : Support for VLAN One-to-One Mapping. In VLAN One-to-One Mapping, on an edge interface C-VLANs are mapped to S-VLANs and the original C-VLAN tags are replaced by the specified S-VLAN
  • Q-in-Q : VLANs transparently cross a service provider network while isolating traffic among customers
  • Selective Q-in-Q
    • Selective Q-in-Q is an enhancement to the basic Q-in-Q feature and provides, per edge interface, multiple mappings of different C-VLANs to separate S-VLANs
    • Selective Q-in-Q also allows configuring of Ethertype (TPID) of the S-VLAN tag
    • Layer 2 protocol tunneling over Q-in-Q is also supported
  • Generic VLAN Registration Protocol (GVRP)/Generic Attribute Registration Protocol (GARP) : Generic VLAN Registration Protocol (GVRP) and Generic Attribute Registration Protocol (GARP) enable automatic propagation and configuration of VLANs in a bridged domain
  • Unidirectional Link Detection (UDLD) : UDLD monitors physical connection to detect unidirectional links caused by incorrect wiring or cable/port faults to prevent forwarding loops and blackholing of traffic in switched networks
  • Dynamic Host Configuration Protocol (DHCP) Relay at Layer 2 : Relay of DHCP traffic to DHCP server in different VLAN; works with DHCP Option 82
  • Internet Group Management Protocol (IGMP) versions 1, 2, and 3 snooping : IGMP limits bandwidth-intensive multicast traffic to only the requesters; supports 2K multicast groups (source-specific multicasting is also supported)
  • IGMP Querier : IGMP querier is used to support a Layer 2 multicast domain of snooping switches in the absence of a multicast router
  • Head-Of-Line (HOL) blocking : HOL blocking prevention
  • Loopback Detection : Loopback detection provides protection against loops by transmitting loop protocol packets out of ports on which loop protection has been enabled. It operates independently of STP

Layer 3

  • IPv4 routing
    • Wirespeed routing of IPv4 packets
    • Up to 990 static routes and up to 128 IP interfaces
  • IPv6 routing : Wirespeed routing of IPv6 packets
  • Layer 3 Interface : Configuration of Layer 3 interface on physical port, LAG, VLAN interface, or loopback interface
  • Classless Interdomain Routing (CIDR) : Support for classless interdomain routing
  • Policy-Based Routing (PBR) : Flexible routing control to direct packets to different next hop based on IPv4 or IPv6 ACL
  • DHCP Server : 
    • Switch functions as an IPv4 DHCP server serving IP addresses for multiple DHCP pools/scopes
    • Support for DHCP options
  • DHCP relay at Layer 3 : Relay of DHCP traffic across IP domains
  • User Datagram Protocol (UDP) relay : Relay of broadcast information across Layer 3 domains for application discovery or relaying of bootP/DHCP packets


  • Secure Shell (SSH) Protocol : SSH is a secure replacement for Telnet traffic. SCP also uses SSH. SSH v1 and v2 are supported
  • Secure Sockets Layer (SSL) : SSL support: Encrypts all HTTPS traffic, allowing highly secure access to the browser-based management GUI in the switch
  • IEEE 802.1X (Authenticator role) : 
    • 802.1X: RADIUS authentication and accounting, MD5 hash; guest VLAN; unauthenticated VLAN, single/multiple host mode and single/multiple sessions
    • Supports time-based 802.1X
    • Dynamic VLAN assignment
  • Web-based authentication : Web based authentication provides network admission control through web browser to any host devices and operating systems
  • STP Bridge Protocol Data Unit (BPDU) Guard : A security mechanism to protect the network from invalid configurations. A port enabled for BPDU Guard is shut down if a BPDU message is received on that port
  • STP Root Guard : This prevents edge devices not in the network administrator’s control from becoming Spanning Tree Protocol root nodes
  • STP loopback guard : Provides additional protection against Layer 2 forwarding loops (STP loops)
  • DHCP snooping : Filters out DHCP messages with unregistered IP addresses and/or from unexpected or untrusted interfaces. This prevents rogue devices from behaving as DHCP Servers
  • IP Source Guard (IPSG) : When IP Source Guard is enabled at a port, the switch filters out IP packets received from the port if the source IP addresses of the packets have not been statically configured or dynamically learned from DHCP snooping. This prevents IP Address Spoofing
  • Dynamic ARP Inspection (DAI) : The switch discards ARP packets from a port if there are no static or dynamic IP/MAC bindings or if there is a discrepancy between the source or destination addresses in the ARP packet. This prevents man-in-the-middle attacks
  • IP/MAC/Port Binding (IPMB) : The preceding features (DHCP Snooping, IP Source Guard, and Dynamic ARP Inspection) work together to prevent DOS attacks in the network, thereby increasing network availability
  • Secure Core Technology (SCT) : Makes sure that the switch will receive and process management and protocol traffic no matter how much traffic is received
  • Secure Sensitive Data (SSD) : A mechanism to manage sensitive data (such as passwords, keys, and so on) securely on the switch, populating this data to other devices, and secure autoconfig. Access to view the sensitive data as plaintext or encrypted is provided according to the user-configured access level and the access method of the user
  • Trustworthy systems :
    • Trustworthy systems provide a highly secure foundation for Cisco products
    • Run-time defenses (Executable Space Protection [X-Space], Address Space Layout Randomization [ASLR], Built-In Object Size Checking [BOSC])
  • Private VLAN : Private VLAN provides security and isolation between switch ports, which helps ensure that users cannot snoop on other users’ traffic; supports multiple uplinks
  • Layer 2 isolation Private VLAN Edge (PVE) with community VLAN : PVE (also known as protected ports) provides Layer 2 isolation between devices in the same VLAN, supports multiple uplinks
  • Port security
  • Ability to lock source MAC addresses to ports and limits the number of learned MAC addresses
  • RADIUS/TACACS+ : Supports RADIUS and TACACS authentication. Switch functions as a client
  • RADIUS accounting : The RADIUS accounting functions allow data to be sent at the start and end of services, indicating the amount of resources (such as time, packets, bytes, and so on) used during the session
  • Storm control : Broadcast, multicast, and unknown unicast
  • DoS prevention : Denial-Of-Service (DOS) attack prevention
  • Multiple user privilege levels in CLI : Level 1, 7, and 15 privilege levels
  • ACLs
    • Support for up to 1K rules
    • Drop or rate limit based on source and destination MAC, VLAN ID or IPv4 or IPv6 address, IPv6 flow label, protocol, port, Differentiated Services Code Point (DSCP)/IP precedence, TCP/UDP source and destination ports, 802.1p priority, Ethernet type, Internet Control Message Protocol (ICMP) packets, IGMP packets, TCP flag; ACL can be applied on both ingress and egress sides
    • Time-based ACLs supported

Quality of Service

  • Priority levels : 8 hardware queues
  • Scheduling
    • Strict priority and Weighted Round-Robin (WRR)
    • Queue assignment based on DSCP and class of service (802.1p/CoS)
  • Class of service
    • Port based; 802.1p VLAN priority based; IPv4/v6 IP precedence/Type of Service (ToS)/DSCP based; Differentiated Services (DiffServ); classification and remarking ACLs, trusted QoS
    • Queue assignment based on DSCP and class of service (802.1p/CoS)
  • Rate limiting : Ingress policer; egress shaping and rate control; per VLAN, per port, and flow based; 2R3C policing
  • Congestion avoidance : A TCP congestion avoidance algorithm is required to minimize and prevent global TCP loss synchronization


  • Standards : IEEE 802.3 10BASE-T Ethernet, IEEE 802.3u 100BASE-TX Fast Ethernet, IEEE 802.3ab 1000BASE-T Gigabit Ethernet, IEEE 802.3ad Link Aggregation Control Protocol, IEEE 802.3z Gigabit Ethernet, IEEE 802.3x Flow Control, IEEE 802.1D (STP, GARP, and GVRP), IEEE 802.1Q/p VLAN, IEEE 802.1w Rapid STP, IEEE 802.1s Multiple STP, IEEE 802.1X Port Access Authentication, IEEE 802.3af, IEEE 802.3at, IEEE 802.1AB Link Layer Discovery Protocol, IEEE 802.3az Energy Efficient Ethernet, RFC 768, RFC 783, RFC 791, RFC 792, RFC 793, RFC 813, RFC 826, RFC 879, RFC 896, RFC 854, RFC 855, RFC 856, RFC 858, RFC 894, RFC 919, RFC 920, RFC 922, RFC 950, RFC 951, RFC 1042, RFC 1071, RFC 1123, RFC 1141, RFC 1155, RFC 1157, RFC 1213, RFC 1215, RFC 1286, RFC 1350, RFC 1442, RFC 1451, RFC 1493, RFC 1533, RFC 1541, RFC 1542, RFC 1573, RFC 1624, RFC 1643, RFC 1700, RFC 1757, RFC 1867, RFC 1907, RFC 2011, RFC 2012, RFC 2013, RFC 2030, RFC 2131, RFC 2132, RFC 2233, RFC 2576, RFC 2616, RFC 2618, RFC 2665, RFC 2666, RFC 2674, RFC 2737, RFC 2819, RFC 2863, RFC 3164, RFC 3176, RFC 3411, RFC 3412, RFC 3413, RFC 3414, RFC 3415, RFC 3416, RFC 4330


  • IPv6
    • IPv6 host mode; IPv6 over Ethernet; Dual IPv6/IPv4 stack
    • IPv6 neighbor and router discovery (ND); IPv6 stateless address autoconfiguration; Path Maximum Transmission Unit (MTU) discovery
    • Duplicate Address Detection (DAD); ICMP version 6
    • DHCPv6 stateful client
    • IPv6 over IPv4 network with Intrasite Automatic Tunnel Addressing Protocol (ISATAP) tunnel support
    • USGv6 and IPv6 Gold Logo certified
  • IPv6 QoS : Prioritize IPv6 packets in hardware
  • IPv6 ACL : Drop or rate limit IPv6 packets in hardware
  • IPv6 First Hop Security
    • RA guard
    • ND inspection
    • DHCPv6 guard
    • Neighbor binding table (snooping and static entries)
    • Neighbor binding integrity check
  • Multicast Listener Discovery (MLD v1/2) snooping : Deliver IPv6 multicast packets only to the required receivers
  • IPv6 applications : Web/SSL, Telnet server/SSH, ping, traceroute, Simple Network Time Protocol (SNTP), Trivial File Transfer Protocol (TFTP), SNMP, RADIUS, syslog, DNS client, Telnet Client, DHCP Client, DHCP Autoconfig, IPv6 DHCP Relay, TACACS+
  • IPv6 RFCs supported
    • RFC 4443 (which obsoletes RFC2463): ICMP version 6
    • RFC 4291 (which obsoletes RFC 3513): IPv6 address architecture
    • RFC 4291: IPv6 addressing architecture
    • RFC 2460: IPv6 specification
    • RFC 4861 (which obsoletes RFC 2461): neighbor discovery for IPv6
    • RFC 4862 (which obsoletes RFC 2462): IPv6 stateless address autoconfiguration
    • RFC 1981: path MTU discovery
    • RFC 4007: IPv6 scoped address architecture
    • RFC 3484: default address selection mechanism
    • RFC 5214 (which obsoletes RFC 4214): ISATAP tunneling
    • RFC 4293: MIB IPv6: textual conventions and general group
    • RFC 3595: textual conventions for IPv6 flow label


  • Web user interface
    • Built-in switch configuration utility for easy browser-based device configuration (HTTP/HTTPS)
    • Supports simple and advanced mode, configuration, wizards, customizable dashboard, system maintenance, monitoring, online help, and universal search
  • Smart Network Application
    • Smart Network Application (SNA) is an innovative network-level monitoring and management tool embedded in Cisco 100 to 500 Series switches. It can discover network topology, display link status, monitor events, apply configurations, and upgrade software images across multiple switches in the network
    • (Note: Management of your network using Smart Network Application requires the use of either a 350, 350X, or 550X Series switch model as a part of your network)
  • SNMP : SNMP versions 1, 2c, and 3 with support for traps, and SNMP version 3 User-based Security Model (USM)
  • Standard MIBs
    • lldp-MIB
    • lldpextdot1-MIB
    • lldpextdot3-MIB
    • lldpextmed-MIB
    • rfc2674-MIB
    • rfc2575-MIB
    • rfc2573-MIB
    • rfc2233-MIB
    • rfc2013-MIB
    • rfc2012-MIB
    • rfc2011-MIB
    • RFC-1212
    • RFC-1215
    • SNMPv2-CONF
    • SNMPv2-TC
    • p-bridge-MIB
    • q-bridge-MIB
    • rfc1389-MIB
    • rfc1493-MIB
    • rfc1611-MIB
    • rfc1612-MIB
    • rfc1850-MIB
    • rfc1907-MIB
    • rfc2571-MIB
    • rfc2572-MIB
    • rfc2574-MIB
    • rfc2576-MIB
    • rfc2613-MIB
    • rfc2665-MIB
    • rfc2668-MIB
    • rfc2737-MIB
    • rfc2925-MIB
    • rfc3621-MIB
    • rfc4668-MIB
    • rfc4670-MIB
    • trunk-MIB
    • tunnel-MIB
    • udp-MIB
    • draft-ietf-bridge-8021x-MIB
    • draft-ietf-bridge-rstpmib-04-MIB
    • draft-ietf-hubmib-etherif-mib-v3-00-MIB
    • draft-ietf-syslog-device-MIB
    • ianaaddrfamnumbers-MIB
    • ianaifty-MIB
    • ianaprot-MIB
    • inet-address-MIB
    • ip-forward-MIB
    • ip-MIB
    • RFC1155-SMI
    • RFC1213-MIB
    • SNMPv2-MIB
    • SNMPv2-SMI
    • SNMPv2-TM
    • RMON-MIB
    • rfc1724-MIB
    • dcb-raj-DCBX-MIB-1108-MIB
    • rfc1213-MIB
    • rfc1757-MIB
  • Private MIBs
    • brgmulticast-MIB CISCOSB-
    • bridgemibobjects-MIB
    • CISCOSB-bonjour-MIB
    • CISCOSB-dhcpcl-MIB
    • CISCOSB-wrandomtaildrop-MIB
    • CISCOSB-traceroute-MIB
    • CISCOSB-telnet-MIB
    • CISCOSB-stormctrl-MIB
    • CISCOSB-ssh-MIB
    • CISCOSB-socket-MIB
    • CISCOSB-sntp-MIB
    • CISCOSB-smon-MIB
    • CISCOSB-phy-MIB
    • CISCOSB-multisessionterminal-MIB
    • CISCOSB-mri-MIB
    • CISCOSB-jumboframes-MIB
    • CISCOSB-gvrp-MIB
    • CISCOSB-endofmib-MIB
    • CISCOSB-dot1x-MIB
    • CISCOSB-deviceparams-MIB
    • CISCOSB-cli-MIB
    • CISCOSB-cdb-MIB
    • CISCOSB-brgmacswitch-MIB
    • CISCOSB-3sw2swtables-MIB
    • CISCOSB-smartPorts-MIB
    • CISCOSB-tbi-MIB
    • CISCOSB-macbaseprio-MIB
    • CISCOSB-policy-MIB
    • CISCOSB-env_mib
    • CISCOSB-sensor-MIB
    • CISCOSB-aaa-MIB
    • CISCOSB-application-MIB
    • CISCOSB-bridgesecurity-MIB
    • CISCOSB-copy-MIB
    • CISCOSB-CpuCounters-MIB
    • CISCOSB-Custom1BonjourService-MIB
    • CISCOSB?dhcp-MIB
    • CISCOSB-dlf-MIB
    • CISCOSB-dnscl-MIB
    • CISCOSB-embweb-MIB
    • CISCOSB-fft-MIB
    • CISCOSB-file-MIB
    • CISCOSB-greeneth-MIB
    • CISCOSB-interfaces-MIB
    • CISCOSB-interfaces_recovery-MIB
    • CISCOSB-ip-MIB
    • CISCOSB-iprouter-MIB
    • CISCOSB-ipv6-MIB
    • CISCOSB-mnginf-MIB
    • CISCOSB-lcli-MIB
    • CISCOSB-localization-MIB
    • CISCOSB-mcmngr-MIB
    • CISCOSB-mng-MIB
    • CISCOSB-physdescription-MIB
    • CISCOSB-protectedport-MIB
    • CISCOSB-rmon-MIB
    • CISCOSB-rs232-MIB
    • CISCOSB-SecuritySuite-MIB
    • CISCOSB-snmp-MIB
    • CISCOSB-specialbpdu-MIB
    • CISCOSB-banner-MIB
    • CISCOSB-syslog-MIB
    • CISCOSB-TcpSession-MIB
    • CISCOSB-traps-MIB
    • CISCOSB-trunk-MIB
    • CISCOSB-tuning-MIB
    • CISCOSB-tunnel-MIB
    • CISCOSB-udp-MIB
    • CISCOSB-vlan-MIB
    • CISCOSB-ipstdacl-MIB
    • CISCOSB-eee-MIB
    • CISCOSB-ssl-MIB
    • CISCOSB-qosclimib-MIB
    • CISCOSB-digitalkeymanage-MIB
    • CISCOSB-tbp-MIB
    • CISCOSB-secsd-MIB
    • CISCOSB-draft-ietf-entmib-sensor-MIB
    • CISCOSB-draft-ietf-syslog-device-MIB
    • CISCOSB-rfc2925-MIB
    • CISCOSB-DebugCapabilities-MIB
    • CISCOSB-vlanVoice-MIB
    • CISCOSB-sysmng-MIB
    • CISCOSB-sct-MIB
  • Remote Monitoring (RMON) : Embedded RMON software agent supports 4 RMON groups (history, statistics, alarms, and events) for enhanced traffic management, monitoring, and analysis
  • IPv4 and IPv6 dual stack : Coexistence of both protocol stacks to ease migration
  • Firmware upgrade :
    • Web browser upgrade (HTTP/HTTPS) and TFTP and upgrade over SCP running over SSH
    • Upgrade can be initiated through console port as well
    • Dual images for resilient firmware upgrades
  • Port mirroring : Traffic on a port can be mirrored to another port for analysis with a network analyzer or RMON probe. Up to 8 source ports can be mirrored to one destination port. A single session is supported
  • VLAN mirroring : Traffic from a VLAN can be mirrored to a port for analysis with a network analyzer or RMON probe. Up to 8 source VLANs can be mirrored to one destination port. A single session is supported
  • DHCP (options 12, 66, 67, 82, 129, and 150) : DHCP options facilitate tighter control from a central point (DHCP server) to obtain IP address, autoconfiguration (with configuration file download), DHCP relay, and hostname
  • Secure Copy (SCP) : Securely transfer files to and from the switch
  • Autoconfiguration with Secure Copy (SCP) file download : Enables secure mass deployment with protection of sensitive data
  • Text-editable config files : Config files can be edited with a text editor and downloaded to another switch, facilitating easier mass deployment
  • Smartports : Simplified configuration of QoS and security capabilities
  • Auto Smartports : Applies the intelligence delivered through the Smartport roles and applies it automatically to the port based on the devices discovered over Cisco Discovery Protocol or LLDP-MED. This facilitates zero-touch deployments
  • Textview CLI : Scriptable command-line interface. A full CLI as well as a menu-based CLI is supported. User privilege levels 1, 7, and 15 are supported for the CLI
  • Cloud services : Support for Cisco FindIT Network Manager and Cisco Active Advisor
  • Embedded Probe for FindIT Network Manager : Support for embedded FindIT Network Probe running on the switch. Eliminates the need to set up a separate hardware or virtual machine for the FindIT Network Probe on site
  • Cisco Network Plug and Play (PnP) agent : 
    • The Cisco Network Plug and Play solution provides a simple, secure, unified, and integrated offering to ease new branch or campus device rollouts or for provisioning updates to an existing network. The solution provides a unified approach to provision Cisco routers, switches, and wireless devices with a near-zero-touch deployment experience
    • Supports Cisco PnP Connect
  • Localization : Localization of GUI and documentation into multiple languages
  • Login banner : Configurable multiple banners for web as well as CLI
  • Other management : Traceroute; single IP management; HTTP/HTTPS; SSH; RADIUS; port mirroring; TFTP upgrade; DHCP client; BOOTP; SNTP; Xmodem upgrade; cable diagnostics; ping; syslog; Telnet client (SSH secure support); automatic time settings from Management Station
  • Time-based port operation : Link up or down based on user-defined schedule (when the port is administratively up)
  • Time-based PoE : Capability for power to be on or off based on a user-defined schedule to save energy

Power Efficiency

  • Energy Detect : Automatically turns power off on Gigabit Ethernet and 10/100 RJ-45 port when detecting link down. Active mode is resumed without loss of any packets when the switch detects the link up
  • Cable length detection : Adjusts the signal strength based on the cable length for Gigabit Ethernet models. Reduces the power consumption for shorter cables
  • EEE Compliant (802.3az) : Supports IEEE 802.3az on all copper Gigabit Ethernet ports
  • Disable port LEDs : LEDs can be manually turned off to save on energy
  • Time-based port operation : Link up or down based on user-defined schedule (when the port is administratively up)
  • Time-based PoE : Capability for power to be on or off based on a user-defined schedule to save energy


  • Jumbo frames : Frame sizes up to 9K bytes. The default MTU is 2K bytes
  • MAC table : 16K addresses


  • Bonjour : The switch advertises itself using the Bonjour protocol
  • Link Layer Discovery Protocol (LLDP) (802.1ab) with LLDP?MED extensions : LLDP allows the switch to advertise its identification, configuration, and capabilities to neighboring devices that store the data in a MIB. LLDP-MED is an enhancement to LLDP that adds the extensions needed for IP phones
  • Cisco Discovery Protocol : The switch advertises itself using the Cisco Discovery Protocol. It also learns the connected device and its characteristics via Cisco Discovery Protocol

Power over Ethernet (PoE)

  • 802.3af PoE, 802.3at PoE+, or 60W PoE are delivered over the RJ-45 ports within the listed power budgets
  • The following switches support 802.3at PoE+, 802.3af PoE, and Cisco prestandard (legacy) PoE on any of the RJ45 network ports. 60W PoE is also supported on selected RJ-45 network ports
  • Maximum power of 60W is delivered to any of the 60W PoE ports, and maximum power of 30W is delivered to any of the other RJ45 network ports, until the PoE budget for the switch is reached
  • The total power available for PoE per switch is as follows
  • Power Dedicated to PoE : 62W
  • Number of Ports That Support PoE : 8
  • PoE powered device and PoE passthrough
  • In addition to AC power, compact switch models can work as PoE powered devices and be powered by PoE switches connected to the uplink ports. The switch can also pass through the power to downstream PoE end devices if required
  • Maximum of 60W can be drawn per uplink port if the peer PoE switch supports 60W PoE. When multiple uplink ports are connected to PoE switches, the power drawn from these ports is combined
  • When AC power is connected and functioning properly, it will have priority over the PoE powered device function. The PoE powered device function will then act as a backup power source to the AC power. The PoE powered device function will be the primary power source for the switch if AC power is not connected
  • Power Option : 1 PoE uplink
  • Available PoE Power (W) : 0W
  • Can Switch Be Powered with Uplinks : Yes
  • Power consumption (worst case)
    • Green Power (mode) : EEE, Energy Detect, Short Reach
    • System Power Consumption : 110V=13.0W, 220V=13.5W
    • Power Consumption (with PoE) : 110V=84.7W, 220V=83.5W
    • Heat Dissipation (BTU/hr) : 289.0


  • Total System Ports : 10 Gigabit Ethernet
  • RJ-45 Ports : 8 Gigabit Ethernet
  • Combo Ports (RJ-45 + SFP) : 2 Gigabit Ethernet combo
  • Console port : Cisco Standard RJ45 console port
  • USB slot : USB Type-A slot on the front panel of the switch for easy file and image management
  • Buttons : Reset button
  • Cabling type : Unshielded Twisted Pair (UTP) Category 5 or better for 10BASE-T/100BASE-TX; UTP Category 5e or better for 1000BASE-T
  • LEDs : System, Link/Act, PoE, Speed
  • Flash : 256 MB
  • CPU : 800 MHz ARM
  • CPU memory : 512 MB
  • Packet buffer : All numbers are aggregate across all ports as the buffers are dynamically shared: 1.5 MB


  • Unit dimensions (W x H x D) : 280 x 44 x 170 mm (11.0 x 1.73 x 6.69 in)
  • Unit weight : 1.19 kg (2.62 lb)
  • Power : 100-240V 50-60 Hz, external:
  • Certification :  UL (UL 60950), CSA (CSA 22.2), CE mark, FCC Part 15 (CFR 47) Class A
  • Operating temperature : 32° to 122°F (0° to 50°C)
  • Storage temperature : –4° to 158°F (–20° to 70°C)
  • Operating humidity : 10% to 90%, relative, noncondensing
  • Storage humidity : 10% to 90%, relative, noncondensing

Acoustic noise and MTBF

  • FAN (Number) : Fanless
  • Acoustic Noise : N/A
  • MTBF @40C (hr) : 205,647

Warranty : Limited lifetime with next business day advance replacement (where available)

Package Contents

  • Cisco 350 Series Managed Switch
  • Power Cord (Power Adapter for select SKUs)
  • Mounting Kit
  • Console Cable
  • Quick Start Guide

Minimum Requirements

  • Web browser: Chrome, Firefox, Edge, Safari
  • Category 5 Ethernet network cable
  • TCP/IP, network adapter, and network operating system (such as Microsoft Windows, Linux, or Mac OS X) installed on each computer in the network