© 2015 Mohamed Samir YouTube channel All rights reserved. www.mohamedsamir.com Mohamed Samir Part V: Monitoring Campus Networks.

Presentation transcript:

Part V: Monitoring Campus Networks

Logging Switch Activity

SNMP

IP SLA

Monitor Session

Using Local SPAN
Switched Port Analyzer (SPAN) is used to analyze a port.
To analyze one or more VLANs on the switch, you can identify the VLANs as the SPAN source, which is called VLAN-based SPAN or VSPAN.

Remote SPAN

Part VI: Implementing High Availability

Layer 3 High Availability

Hot Standby Router Protocol (HSRP)
HSRP is a Cisco proprietary protocol (RFC 2281).
The routers exchange HSRP hello messages at regular intervals, sent to a multicast destination (“all routers”) using a UDP port.
Group number: from 0 to 255; most Catalyst switches support only up to 16 unique HSRP group numbers.
HSRP groups are locally significant only on an interface.
If all router priorities are equal, the router with the highest IP address on the HSRP interface becomes the active router.
By default, hellos are sent every 3 seconds.

Gateway Load Balancing Protocol

Securing VLANs

Private VLANs
VTP does not pass any information about private VLANs; they are locally significant to a switch.
You must configure each physical switch port that uses a private VLAN with one of the following modes:
Promiscuous: The switch port connects to a router, firewall, or other common gateway device.
Host: The switch port connects to a regular host that resides on an isolated or community VLAN. The port communicates only with a promiscuous port or ports on the same community VLAN.

Securing VLAN Trunks
VLAN Hopping
Switch(config)# vlan 800
Switch(config-vlan)# name bogus_native
Switch(config-vlan)# exit
Switch(config)# interface gigabitethernet 1/0/1
Switch(config-if)# switchport trunk encapsulation dot1q
Switch(config-if)# switchport trunk native vlan 800
Switch(config-if)# switchport trunk allowed vlan remove 800
Switch(config-if)# switchport mode trunk
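The following is an added example, not part of the original slides: a small audit script that checks every trunk port in a switch configuration for the two hardening steps configured above (a non-default native VLAN, and that VLAN removed from the trunk's allowed list). It assumes running-config form, where the allowed list is stored as resulting ranges such as 1-799,801-4094; the names SAMPLE, expand_vlans and audit_trunks and the sample configuration are constructed for illustration.

```python
import re
# Constructed running-config excerpt (sample data, not from the slides).
SAMPLE = """\
interface GigabitEthernet1/0/1
 switchport trunk native vlan 800
 switchport trunk allowed vlan 1-799,801-4094
 switchport mode trunk
!
interface GigabitEthernet1/0/2
 switchport mode trunk
!
interface GigabitEthernet1/0/3
 switchport trunk native vlan 800
 switchport trunk allowed vlan 10,20,800
 switchport mode trunk
!
interface GigabitEthernet1/0/4
 switchport mode access
"""

def expand_vlans(spec):
    """Expand a list such as '10,20,30-40' into a set of VLAN IDs."""
    vlans = set()
    for part in spec.split(","):
        lo, _, hi = part.strip().partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def audit_trunks(config):
    """Return {interface: [findings]} for every port in trunk mode."""
    report = {}
    for block in re.split(r"(?m)^(?=interface )", config):
        lines = [line.strip() for line in block.splitlines()]
        if not lines or "switchport mode trunk" not in lines:
            continue
        name = lines[0].split(None, 1)[1]
        native, allowed = 1, set(range(1, 4095))  # IOS defaults
        for line in lines[1:]:
            if m := re.fullmatch(r"switchport trunk native vlan (\d+)", line):
                native = int(m.group(1))
            elif m := re.fullmatch(r"switchport trunk allowed vlan (add )?([\d,-]+)", line):
                vl = expand_vlans(m.group(2))
                allowed = allowed | vl if m.group(1) else vl
        issues = []
        if native == 1:
            issues.append("native VLAN is the default (1)")
        if native in allowed:
            issues.append(f"native VLAN {native} is allowed on the trunk")
        report[name] = issues
    return report
```

Calling audit_trunks(SAMPLE) returns an empty finding list for the port configured as on the slide and flags the two trunks that skip one or both steps; access ports are not reported.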

Preventing Spoofing Attacks

Managing Switch Users

AAA
Authentication: Who is the user?
Authorization: What is the user allowed to do?
Accounting: What did the user do?
AAA functions are centralized, standardized, resilient, and flexible.
Cisco switches can use the following two protocols to communicate with AAA servers:
TACACS+: A Cisco proprietary protocol that is secure and encrypted, over TCP port 49
RADIUS: A standards-based protocol that uses UDP ports 1812 and 1813 (accounting), but is not completely encrypted

Switching certificate Exam