© 2015 Mohamed Samir YouTube channel. All rights reserved. www.mohamedsamir.com
Mohamed Samir
Part V: Monitoring Campus Networks

Presentation transcript:

1 Part V: Monitoring Campus Networks

2 Logging Switch Activity

3 SNMP

4 IP SLA

5 Monitor Session

6 Using Local SPAN
Use Switched Port Analyzer (SPAN) to analyze a port.
To analyze one or more VLANs on the switch, you can identify the VLANs as the SPAN source; this is called VLAN-based SPAN, or VSPAN.

7 Remote SPAN

8 Part VI: Implementing High Availability

9

10 Layer 3 High Availability

11 Hot Standby Router Protocol (HSRP)
HSRP is a Cisco proprietary protocol (RFC 2281).
The routers exchange HSRP hello messages at regular intervals, sent to the multicast destination 224.0.0.2 (“all routers”) using UDP port 1985.
Each HSRP group has a group number, from 0 to 255; most Catalyst switches support only up to 16 unique HSRP group numbers.
HSRP groups are locally significant only on an interface.
If all router priorities are equal, the router with the highest IP address on the HSRP interface becomes the active router.
By default, hellos are sent every 3 seconds.

12 Gateway Load Balancing Protocol

13 Securing VLANs

14 Private VLANs
VTP does not pass any information about private VLANs; they are locally significant to a switch.
You must configure each physical switch port that uses a private VLAN as one of the following:
Promiscuous: The switch port connects to a router, firewall, or other common gateway device.
Host: The switch port connects to a regular host that resides on an isolated or community VLAN. The port communicates only with a promiscuous port or ports on the same community VLAN.

15 Securing VLAN Trunks
VLAN Hopping

    Switch(config)# vlan 800
    Switch(config-vlan)# name bogus_native
    Switch(config-vlan)# exit
    Switch(config)# interface gigabitethernet 1/0/1
    Switch(config-if)# switchport trunk encapsulation dot1q
    Switch(config-if)# switchport trunk native vlan 800
    Switch(config-if)# switchport trunk allowed vlan remove 800
    Switch(config-if)# switchport mode trunk

16 Preventing Spoofing Attacks

17 Managing Switch Users

18 AAA
Authentication: Who is the user?
Authorization: What is the user allowed to do?
Accounting: What did the user do?
AAA functions are centralized, standardized, resilient, and flexible.
Cisco switches can use the following two protocols to communicate with AAA servers:
TACACS+: A Cisco proprietary protocol, secure and encrypted, over TCP port 49.
RADIUS: A standards-based protocol that uses UDP ports 1812 and 1813 (accounting), but is not completely encrypted.

19 Switching certificate Exam

