Networks and Security Great Demo


Networks and Security Great Demo Stratix 5700

Demo 1 – Network Address Translation (NAT) in Layer 2 Architecture

NAT Implementation in a Layer 2 vs. Layer 3 Device

Layer 3 device: typically a software implementation
- NAT device acts as the default gateway (router) for the devices on the inside network
- NAT device will intercept traffic, perform translation, and route traffic
- Translations are handled by the NAT CPU
- Performance of translation is directly tied to the loading of the NAT CPU

Layer 2 device: hardware based implementation
- NAT device does not act as a router and utilizes 2 translation tables: inside to outside and outside to inside
- Performance is at wire speed regardless of switch loading
- Supports multiple VLANs through the NAT boundary, enhancing segmentation flexibility (communication between VLANs requires a separate Layer 3 device)

*Layer 2 NAT is available only in the Stratix 5700
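The two-table scheme above can be modelled in a few lines. This is an added example, not Rockwell or Stratix code; the addresses are constructed, and it assumes each table rewrites the source address in its own direction and, reversed, the destination address in the other direction, with unmatched addresses passing through unchanged.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Frame:
    src_ip: str
    dst_ip: str
    vlan: int  # carried through untouched: the frame is bridged, not routed

def invert(table):
    """Reverse a translation table, rejecting two entries that collide."""
    inverse = {new: old for old, new in table.items()}
    if len(inverse) != len(table):
        raise ValueError("two entries translate to the same address")
    return inverse

class Layer2Nat:
    def __init__(self, inside_to_outside, outside_to_inside):
        self.i2o = dict(inside_to_outside)   # inside device: private -> public
        self.o2i = dict(outside_to_inside)   # outside device: public -> private alias
        self.i2o_rev = invert(self.i2o)
        self.o2i_rev = invert(self.o2i)

    def to_outside(self, f):
        # Assumption: addresses with no table entry pass through unchanged.
        return replace(f, src_ip=self.i2o.get(f.src_ip, f.src_ip),
                       dst_ip=self.o2i_rev.get(f.dst_ip, f.dst_ip))

    def to_inside(self, f):
        return replace(f, src_ip=self.o2i.get(f.src_ip, f.src_ip),
                       dst_ip=self.i2o_rev.get(f.dst_ip, f.dst_ip))

# Constructed sample addresses (not from the slides).
NAT = Layer2Nat(
    inside_to_outside={"192.168.1.10": "10.10.1.10"},
    outside_to_inside={"10.10.1.100": "192.168.1.100"},
)

def round_trip():
    """Inside machine talks to an outside controller and gets a reply."""
    request = NAT.to_outside(Frame("192.168.1.10", "192.168.1.100", vlan=10))
    reply = NAT.to_inside(Frame(request.dst_ip, request.src_ip, request.vlan))
    return request, reply

if __name__ == "__main__":
    for frame in round_trip():
        print(frame)
```

Because the inside device has no router to reach, the outside controller has to appear under an inside-subnet alias, which is why the model needs the second table.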

Demo 1 – Applying NAT using the Layer 2 Stratix 5700

1 – Inside the Studio 5000 project, open the AOP for the Stratix 5700
2 – Open the NAT tab and add a new instance
3 – Specify the Private (smaller “inside” network) to Public (larger “outside” network) address translation
4 – Specify the Public to Private address translation

Demo 1 – NAT in action

Demo 2 – Network segmentation using VLANs

Every broadcasting device sends frames to every corner of the network.

Demo 2 – Affected equipment

- Red line is communications with PAC
- Blue line is broadcast traffic
- Circled spikes take traffic over 600 frames a second, causing failures in this particular case

Demo 2 – Solution, segment network with VLANs

A router or Layer 3 switch breaks up broadcast domains, limiting the reach of broadcast frames.

Demo 2 – Solution, segment network with VLANs

The effects of network broadcasts are nearly negligible.

Demo 2 – Applying Network segmentation using Stratix 5700

1 – Inside the Studio 5000 project, open the AOP for the Stratix 5700
2 – Select the Smartports and VLANs tab and click on New VLAN
3 – Create VLAN10 and VLAN20
4 – Assign VLANs to switch ports
5 – Enable routing in the device manager

Demo 3 – Zone security

This demo covers situations where we want to restrict network traffic between certain areas (zones) of our plant, as in the case illustrated here, where company XYZ has its utilities like steam and compressed air managed by a third party vendor.

In order for the production line to request delivery of steam or air, its controls need to communicate with the utilities supplier's controls. The protocol they use to communicate is CIP. All other traffic going to or coming from this zone should be restricted.

The solution is implementing a Stratix 5900, which is a services router that can be used as a zone-based policy firewall.

Diagram labels:
- 192.168.10.5
- 192.168.20.5
- CIP traffic like: Open steam valve; Current steam pressure: 40PSI
- Any traffic not explicitly allowed

Demo 3 – Zone security result

Between 192.168.10.5 and 192.168.20.5:
- Ping, blocked
- HTTP, forbidden
- RSLinx (CIP), allowed

Demo 3 – Applying Zone Security with the Stratix 5900

1 – Open the Stratix 5900 Configurator software and add 2 VLANs to differentiate between internal (inside) and external (outside) traffic
2 – Assign the VLANs to inside and outside zones

Demo 3 – Applying Zone Security with the Stratix 5900

3 – Create two user-defined port-to-application mappings:
- One for CIP Class 1, used for example for Logix Controller I/O and produced and consumed data transfers
- One for CIP Class 3, used for example for RSLinx communications between Studio 5000 and the Logix Controller

Demo 3 – Applying Zone Security with the Stratix 5900

4 – Create a firewall policy that implements rules which enforce the user-defined CIP port-to-application mappings we just set up
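The four steps above amount to a default-deny policy between two zones with CIP as the only permitted application. The following added example (a model, not Stratix 5900 configuration or output) evaluates constructed flows against such a policy; the port numbers are the registered EtherNet/IP ports rather than values from the slides, and which subnet is "inside" is an assumption.

```python
import ipaddress
from dataclasses import dataclass

# Step 2: VLAN subnets assigned to zones (assignment is an assumption).
ZONES = {"192.168.10.0/24": "inside", "192.168.20.0/24": "outside"}

# Step 3: user-defined port-to-application mappings.
# Ports are the registered EtherNet/IP ports, not taken from the slides.
PORT_MAP = {
    ("udp", 2222): "cip-class1",   # I/O, produced and consumed data
    ("tcp", 44818): "cip-class3",  # explicit messaging, e.g. RSLinx
}

# Step 4: per zone pair, the applications allowed to cross. Anything else drops.
CIP = frozenset({"cip-class1", "cip-class3"})
POLICY = {("inside", "outside"): CIP, ("outside", "inside"): CIP}

@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    proto: str      # "tcp", "udp" or "icmp"
    dport: int = 0  # 0 for protocols without ports

def zone_of(ip):
    addr = ipaddress.ip_address(ip)
    for net, zone in ZONES.items():
        if addr in ipaddress.ip_network(net):
            return zone
    return None  # address belongs to no configured zone

def evaluate(flow):
    """Return (action, application) for a flow crossing between zones."""
    pair = (zone_of(flow.src), zone_of(flow.dst))
    app = PORT_MAP.get((flow.proto, flow.dport))
    if app is not None and app in POLICY.get(pair, frozenset()):
        return "allow", app
    return "drop", app or "unclassified"

# Constructed test flows mirroring the demo result slide.
FLOWS = [
    Flow("192.168.10.5", "192.168.20.5", "icmp"),        # ping
    Flow("192.168.10.5", "192.168.20.5", "tcp", 80),     # HTTP
    Flow("192.168.10.5", "192.168.20.5", "tcp", 44818),  # RSLinx (CIP)
    Flow("192.168.20.5", "192.168.10.5", "udp", 2222),   # CIP I/O
    Flow("10.0.0.9", "192.168.20.5", "tcp", 44818),      # source in no zone
]

if __name__ == "__main__":
    for f in FLOWS:
        print(f, "->", evaluate(f))
```

The mapping in this model classifies by protocol and port only, so anything that speaks on TCP 44818 is treated as CIP; checking that the payload is valid CIP is a separate control.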

Demo 4 – Wireless communications

In autonomous mode, the Stratix 5100 can function as:
- Access Point (AP)
- Or Workgroup Bridge (WGB)

In Access Point mode, the Stratix 5100 accepts connections from wireless clients.

As a WGB, the Stratix 5100 operates in the WLAN as a single wireless client of an access point (root AP). The WGB learns the MAC addresses of its wired clients on the Ethernet interface and reports them to the root AP.

Demo 4 – Configuring the Stratix 5100 as a Wireless Access Point

1 – Log into the Stratix 5100 device manager and configure basic settings like AP IP address, host name and SSID

Demo 4 – Configuring the Stratix 5100 as a Wireless Access Point

2 – Enable encryption … and apply WPA to the SSID

Demo 4 – Configuring the Stratix 5100 as a Wireless Access Point

3 – Enable the radio

Demo 4 – Configuring the Stratix 5100 as a Wireless Access Point