Chapter 2: Basic Switching Concepts and Configuration

Slides:



Advertisements
Similar presentations
Mitigating Layer 2 Attacks
Advertisements

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 2: Introduction to Switched Networks Routing And Switching 2.0.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Common Layer 2 Attacks and Countermeasures.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 2: Introduction to Switched Networks Routing and Switching.
Chapter 2: Introduction to Switched Networks
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 2: Introduction to Switched Networks Routing and Switching.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 5: Inter-VLAN Routing Routing & Switching.
Sybex CCENT Chapter 10: Layer 2 Switching Instructor & Todd Lammle.
1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved.
1 Routing Introduction to Routing Static Routing.
Switch Concepts and Configuration and Configuration Part II Advanced Computer Networks.
TCP/SYN Attack – use ACL to allow traffic from TCP connections that were established from the internal network and block packets from an external network.
– Chapter 5 – Secure LAN Switching
LAN Switching and Wireless – Chapter 2
Network Security1 – Chapter 5 – Secure LAN Switching Layer 2 security –Port security –IP permit lists –Protocol filtering –Controlling LAN floods (using.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Configure a Switch LAN Switching and Wireless – Chapter 2.
Saeed Darvish Pazoki – MCSE, CCNA Abstracted From: Cisco Press – ICND 1 – Chapter 9 Ethernet Switch Configuration 1.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 LAN Switching and Wireless Basic Switch Concepts and Configuration Chapter.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 1 Basic Switch Concept Prepared by: Akhyari Nasir Resources form Internet.
Enabling Port Security
Secure Wired Local Area Network( LAN ) By Sentuya Francis Derrick ID Module code:CT3P50N BSc Computer Networking London Metropolitan University.
1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved. CNIT 221 Security 2 ver.2 Module 8 City College.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 2: Introduction to Switched Networks Routing And Switching 2.0.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Basic Switch Configurations.
 Router Configurations part2 2 nd semester
+ Lecture#3: Configuring a Network Operating System Asma AlOSAIMI.
Cisco Routers Routers collectively provide the main feature of the network layer—the capability to forward packets end-to-end through a network. routers.
LAN Switching and Wireless – Chapter 2
Lecture#3: Configuring a Network Operating System
Instructor Materials Chapter 2: Scaling VLANs
SECURE LAB: CREATING A CISCO 3550 VLSM NETWORK
Introduction to Networks v6.0
Instructor Materials Chapter 6: Network Layer
Instructor Materials Chapter 4: Introduction to Switched Networks
Instructor Materials Chapter 5: Network Security and Monitoring
Instructor Materials Chapter 2: Configure a Network Operating System
Layer 2 Attacks and Security
Chapter 2: Configure a Network Operating System
Lec 3: Introduction to Switched Networks
Understanding Switch Security
Instructor Materials Chapter 5: Ethernet
– Chapter 5 – Secure LAN Switching
Chapter 5: Switch Configuration
Chapter 4: Routing Concepts
Chapter 5: Inter-VLAN Routing
Chapter 2: Static Routing
Introduction to Networking
Chapter 6: Network Layer
Instructor Materials Chapter 4: Introduction to Switched Networks
Chapter 2: Introduction to Switched Networks
Switch Concepts and Configuration Part II
Chapter 4: Switched Networks
Chapter 2: Scaling VLANs
Chapter 5: Network Security and Monitoring
Chapter 2: Introduction to Switched Networks
Chapter 2: Introduction to Switched Networks
Chapter 5: Switch Configuration
Chapter 2: Static Routing
– Chapter 3 – Device Security (B)
Routing and Switching Essentials v6.0
Chapter 2: Configure a Network Operating System
Chapter 3: Dynamic Routing
Chapter 4: Switched Networks
LAN Switching and Wireless – Chapter 2
2 - IP Routing.
Chapter 5: Switch Configuration
– Chapter 3 – Device Security (B)
Lecture#3: Configuring a Network Operating System
Chapter 2: Scaling VLANs
LAN Switching and Wireless – Chapter 2
Presentation transcript:

Chapter 2: Basic Switching Concepts and Configuration Cisco Networking Academy program Routing & Switching Chapter 2: Introduction to Switched Networks Routing and Switching

Configuring Switch Ports Duplex Communication

Configuring Switch Ports Configuring Switch Ports at the Physical Layer

Configuring Switch Ports Auto-MDIX Feature Certain cable types (straight-through or crossover) were historically required when connecting devices. The automatic medium-dependent interface crossover (auto-MDIX) feature eliminates this problem. When auto-MDIX is enabled, the interface automatically detects and appropriately configures the connection. When using auto-MDIX on an interface, the interface speed and duplex must be set to auto. 2.1.2.3 Auto-MDIX Feature

Configuring Switch Ports Verifying Switch Port Configuration

Configuring Switch Ports Network Access Layer Issues

Configuring Switch Ports Network Access Layer Issues (cont.)

Basic Switch Configuration Preparing for Basic Switch Management To remotely manage a Cisco switch, it must be configured to access the network. An IP address and a subnet mask must be configured. switch virtual interface (SVI). If managing the switch from a remote network, a default gateway must also be configured. 2.1.1.4 Preparing for Basic Switch Management

Basic Switch Configuration Preparing for Basic Switch Management (cont

Basic Switch Configuration Preparing for Basic Switch Management (cont

Secure Remote Access SSH Operation Because its strong encryption features, SSH should replace Telnet for management connections. SSH uses TCP port 22, by default. Telnet uses TCP port 23. 2.2.1.1 SSH Operation

Secure Remote Access SSH Operation (cont.)

Secure Remote Access Configuring SSH

Security Concerns in LANs MAC Address Flooding Switches automatically populate their CAM tables by watching traffic entering their ports. Switches forward traffic trough all ports if it cannot find the destination MAC in its CAM table. Such tool is a program created to generate and send out frames with bogus source MAC addresses to the switch port. 2.2.2.1 MAC Address Flooding

Security Concerns in LANs MAC Address Flooding (cont.)

Security Concerns in LANs DHCP Spoofing DHCP is a network protocol used to automatically assign IP information. 2.2.2.2 DHCP Spoofing

Security Best Practices 10 Best Practices Develop a written security policy for the organization. Shut down unused services and ports. Use strong passwords and change them often. Control physical access to devices. Use HTTPS instead of HTTP. Perform backup operations on a regular basis. Educate employees about social engineering attacks. Encrypt and password-protect sensitive data. Implement firewalls. Keep software up-to-date. 2.2.3.1 10 Best Practices

Switch Port Security Secure Unused Ports Disabling unused ports is a simple, yet efficient security guideline. 2.2.4.1 Secure Unused Ports

Switch Port Security DHCP Snooping DHCP Snooping specifies which switch ports can respond to DHCP requests 2.2.4.2 DHCP Snooping

Switch Port Security Port Security: Operation Port security limits the number of valid MAC addresses allowed on a port. Secure MAC addresses can be configured in a number of ways: Static secure MAC addresses Dynamic secure MAC addresses Sticky secure MAC addresses 2.2.4.3 Port Security: Operation

Switch Port Security Port Security: Violation Modes There are three possible actions to take when a violation is detected: Protect Restrict Shutdown 2.2.4.4 Port Security: Violation Modes

Switch Port Security Dynamic Port Security Defaults

Switch Port Security Configuring Dynamic Port Security

Switch Port Security Configuring Port Security Sticky

Switch Port Security Verifying Port Security Sticky

Switch Port Security Verifying Port Security Stick – Running Configuration

Switch Port Security Ports in Error Disabled State A port security violation can put a switch in error disabled state. A port in error disabled is effectively shutdown. The switch communicates these events through console messages. 2.2.4.7 Ports in Error Disabled State

Switch Port Security Ports in Error Disabled State (cont.) The show interface command also reveals a switch port on error disabled state. 2.2.4.7 Ports In Error Disabled State

Switch Port Security Ports in Error Disabled State (cont.) A shutdown or no shutdown interface configuration mode command must be issued to re-enable the port. 2.2.4.7 Ports In Error Disabled State

Switch Port Security Network Time Protocol The Network Time Protocol (NTP) is used to synchronize the clocks of computer systems data networks. Time sources can be: Local master clock Master clock on the Internet GPS or atomic clock 2.2.4.8 Network Time Protocol (NTP) More info can be found at: http://tools.ietf.org/html/rfc5905 http://en.wikipedia.org/wiki/Network_Time_Protocol

Switch Port Security Configuring NTP More info can be found at: http://tools.ietf.org/html/rfc5905 http://en.wikipedia.org/wiki/Network_Time_Protocol

Switch Port Security Verifying NTP More info can be found at: http://tools.ietf.org/html/rfc5905 http://en.wikipedia.org/wiki/Network_Time_Protocol

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.