Presentation is loading. Please wait.

Presentation is loading. Please wait.

Instructor Materials Chapter 5: Network Security and Monitoring

Published byRodger Gallagher Modified over 6 years ago

Similar presentations

Presentation on theme: "Instructor Materials Chapter 5: Network Security and Monitoring"— Presentation transcript:

1 Instructor Materials Chapter 5: Network Security and Monitoring
Cisco Networking Academy Program Connecting Networks Chapter 5: Network and Security Monitoring CCNA Routing and Switching Connecting Networks

2 Chapter 5 - Sections & Objectives
5.1 LAN Security Explain how to mitigate common LAN security. 5.2 SNMP Configure SNMP to monitor network operations in a small to medium-sized business network. 5.3 Cisco Switch Port Analyzer (SPAN) Troubleshoot a network problem using SPAN. 2

3 5.1 LAN Security Cisco Networking Academy Program Connecting Networks
Chapter 5: Network Security and Monitoring

4 LAN Security LAN Security Attacks
Common attacks against the Layer 2 LAN infrastructure include: CDP Reconnaissance Attacks Telnet Attacks MAC Address Table Flooding Attacks VLAN Attacks DHCP Attacks 5.1 - LAN Security 5.1.1 – LAN Security Attacks

5 LAN Security LAN Security Best Practices
This topic covers several Layer 2 security solutions: Mitigating MAC address table flooding attacks using port security Mitigating VLAN attacks Mitigating DHCP attacks using DHCP snooping Securing administrative access using AAA Securing device access using 802.1X port authentication 5.1 – LAN Security 5.1.2 – LAN Security Best Practices

6 LAN Security LAN Security Best Practices
There are several strategies to help secure Layer 2 of a network: Always use secure variants of these protocols such as SSH, SCP, SSL, SNMPv3, and SFTP. Always use strong passwords and change them often. Enable CDP on select ports only. Secure Telnet access. Use a dedicated management VLAN where nothing but management traffic resides. Use ACLs to filter unwanted access. 5.1 – LAN Security 5.1.2 – LAN Security Best Practices

7 5.2 SNMP Cisco Networking Academy Program Connecting Networks
Chapter 5: Network Security and Monitoring

8 SNMP SNMP Operation SNMP allows administrators to manage and monitor devices on an IP network. SNMP Elements SNMP Manager SNMP Agent MIB SNMP Operation Trap Get Set 5.2 – SNMP 5.2.1 SNMP Operation

9 SNMP Security Model and Levels
SNMP SNMP Operation SNMP Security Model and Levels 5.2 – SNMP 5.2.1 – SNMP Operation

10 Configuration steps Configure community string
SNMP Configuring SNMP Configuration steps Configure community string Document location of device Document system contact Restrict SNMP Access Specify recipient of SNMP Traps Enable traps on SNMP agent 5.2 – SNMP 5.2.2 – Configuring SNMP

11 Securing SNMPv3 SNMP Configuring SNMP 5.2 – SNMP

12 5.3 Cisco Switch Port Analyzer (SPAN)
Cisco Networking Academy Program Connecting Networks Chapter 5: Network Security and Monitoring

13 Cisco Switch Port Analyzer SPAN Overview
Port mirroring The port mirroring feature allows a switch to copy and send Ethernet frames from specific ports to the destination port connected to a packet analyzer. The original frame is still forwarded in the usual manner. 5.3 Cisco Switch Port Analyzer 5.3.1 SPAN Overview

14 Cisco Switch Port Analyzer SPAN Overview
SPAN terminology 5.3 – Switch Port Analyzer 5.3.1 – SPAN Overview

15 Cisco Switch Port Analyzer SPAN Overview
RSPAN terminology 5.3 – Switch Port Analyzer 5.3.1 – SPAN Overview

16 Cisco Switch Port Analyzer SPAN Configuration
Use monitor session global configuration command 5.3 – Cisco Switch Port Analyzer 5.3.2 – SPAN Configuration

17 Cisco Switch Port Analyzer SPAN as a Troubleshooting Tool
SPAN allows administrators to troubleshoot network issues Administrator can use SPAN to duplicate and redirect traffic to a packet analyzer Administrator can analyze traffic from all devices to troubleshoot sub-optimal operation of network applications 5.3 – Cisco Switch Port Analyzer 5.3.3 – SPAN as a Troubleshooting Tool

18 5.4 Chapter Summary Chapter 5: Network Security and Monitoring
Cisco Networking Academy Program Connecting Networks Chapter 5: Network Security and Monitoring

19 Chapter Summary Summary
At Layer 2, a number of vulnerabilities exist that require specialized mitigation techniques: MAC address table flooding attacks are addressed with port security. VLAN attacks are controlled by disabling DTP and following basic guidelines for configuring trunk ports. DHCP attacks are addressed with DHCP snooping. The SNMP protocol has three elements: the Manager, the Agent, and the MIB. The SNMP manager resides on the NMS, while the Agent and the MIB are on the client devices. The SNMP Manager can poll the client devices for information, or it can use a TRAP message that tells a client to report immediately if the client reaches a particular threshold. SNMP can also be used to change the configuration of a device. 5.4 - Chapter Summary

20 Summary Continued SNMPv3 is the recommended version because it provides security. SNMP is a comprehensive and powerful remote management tool. Nearly every item available in a show command is available through SNMP. Switched Port Analyzer (SPAN) is used to mirror the traffic going to and/or coming from the host. It is commonly implemented to support traffic analyzers or IPS devices. 2.4 – Chapter Summary

21

22

Download ppt "Instructor Materials Chapter 5: Network Security and Monitoring"

Similar presentations

Ethernet Switch Features Important to EtherNet/IP

Ethernet Switch Features Important to EtherNet/IP
Mitigating Layer 2 Attacks

Mitigating Layer 2 Attacks
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 8: Monitoring the Network Connecting Networks.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 8: Monitoring the Network Connecting Networks.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 2: Introduction to Switched Networks Routing And Switching 2.0.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 2: Introduction to Switched Networks Routing And Switching 2.0.
VLAN KRISHNAKUMAR RAJENDRAN NIKITA PATEL TEJENDRA PATEL Guided by Prof, Edmund Gean.

VLAN KRISHNAKUMAR RAJENDRAN NIKITA PATEL TEJENDRA PATEL Guided by Prof, Edmund Gean.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 2: Introduction to Switched Networks Routing and Switching.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 2: Introduction to Switched Networks Routing and Switching.
Instructor & Todd Lammle

Instructor & Todd Lammle
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Implement Inter- VLAN Routing LAN Switching and Wireless – Chapter 6.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Implement Inter- VLAN Routing LAN Switching and Wireless – Chapter 6.
Implementing a Highly Available Network

Implementing a Highly Available Network
1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved.

1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved.
(part 3).  Switches, also known as switching hubs, have become an increasingly important part of our networking today, because when working with hubs,

(part 3).  Switches, also known as switching hubs, have become an increasingly important part of our networking today, because when working with hubs,
Semester 3, v Chapter 3: Virtual LANs

Semester 3, v Chapter 3: Virtual LANs
Switch Concepts and Configuration and Configuration Part II Advanced Computer Networks.

Switch Concepts and Configuration and Configuration Part II Advanced Computer Networks.
– Chapter 5 – Secure LAN Switching

– Chapter 5 – Secure LAN Switching
LAN Switching and Wireless – Chapter 2

LAN Switching and Wireless – Chapter 2
Network Security1 – Chapter 5 – Secure LAN Switching Layer 2 security –Port security –IP permit lists –Protocol filtering –Controlling LAN floods (using.

Network Security1 – Chapter 5 – Secure LAN Switching Layer 2 security –Port security –IP permit lists –Protocol filtering –Controlling LAN floods (using.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Configure a Switch LAN Switching and Wireless – Chapter 2.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Configure a Switch LAN Switching and Wireless – Chapter 2.
Saeed Darvish Pazoki – MCSE, CCNA Abstracted From: Cisco Press – ICND 1 – Chapter 9 Ethernet Switch Configuration 1.

Saeed Darvish Pazoki – MCSE, CCNA Abstracted From: Cisco Press – ICND 1 – Chapter 9 Ethernet Switch Configuration 1.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 LAN Switching and Wireless Basic Switch Concepts and Configuration Chapter.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 LAN Switching and Wireless Basic Switch Concepts and Configuration Chapter.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 1 Basic Switch Concept Prepared by: Akhyari Nasir Resources form Internet.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 1 Basic Switch Concept Prepared by: Akhyari Nasir Resources form Internet.

Similar presentations

Ads by Google