
Verify that the management VLAN has been reassigned. Verify that operational VLANs do not have access to the management VLAN. Verify that the ports in the management VLAN are not configured as trunks.

A trunk is a point-to-point link between two network devices that carries traffic for more than one VLAN. A trunk allows you to extend the VLANs across an entire network. A trunk does not belong to a specific VLAN; rather, it is a conduit for VLANs between switches and routers.

DTP is implemented by default on Cisco switches. DTP automatically negotiates whether the port will operate in trunk or access mode. By default, a Cisco Ethernet port's DTP mode is "dynamic desirable", which enables a port to go to trunk mode automatically. Review the switch configuration to verify that DTP is disabled.
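One way to automate the DTP review above, together with the earlier check that management-VLAN ports are not trunks. This is an added example, not part of the original slides; the sample running-config is constructed, VLAN 99 as the management VLAN is an assumption, and the finding names are hypothetical.

```python
import re

# Constructed sample running-config; VLAN 99 is assumed to be the management VLAN.
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 switchport access vlan 99
 switchport mode access
 switchport nonegotiate
!
interface GigabitEthernet0/2
 switchport access vlan 99
 switchport mode trunk
!
interface GigabitEthernet0/3
 switchport access vlan 10
!
interface GigabitEthernet0/4
 switchport mode dynamic desirable
!
interface Vlan99
 ip address 192.0.2.10 255.255.255.0
"""

def parse_interfaces(config):
    """Map each physical interface name to its list of sub-commands."""
    interfaces, current = {}, None
    for line in config.splitlines():
        m = re.match(r"interface (\S+)", line)
        if m:
            current = interfaces.setdefault(m.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!" or a global command ends the interface block
    # SVIs (interface VlanN) are not switchports, so they are skipped.
    return {n: c for n, c in interfaces.items() if not n.lower().startswith("vlan")}

def audit_ports(config, mgmt_vlan):
    """Return sorted (interface, issue) findings for the DTP and management-VLAN checks."""
    findings = []
    for name, cmds in parse_interfaces(config).items():
        # A port with no explicit mode is treated as dynamic, per the default described above.
        mode = next((c.split("switchport mode ", 1)[1] for c in cmds
                     if c.startswith("switchport mode ")), "dynamic (default)")
        nonegotiate = "switchport nonegotiate" in cmds
        # Rule used in this example: dynamic modes negotiate, and a static trunk
        # still sends DTP frames unless nonegotiate is set.
        if mode.startswith("dynamic") or (mode == "trunk" and not nonegotiate):
            findings.append((name, "dtp-enabled"))
        if f"switchport access vlan {mgmt_vlan}" in cmds and mode != "access":
            findings.append((name, "mgmt-vlan-port-not-access"))
    return sorted(findings)
```

Calling `audit_ports(SAMPLE_CONFIG, 99)` flags every port except GigabitEthernet0/1, the only one pinned to access mode with negotiation turned off.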

VTP is a Cisco-proprietary messaging protocol used to distribute VLAN configuration information over trunks. A switch may be in one of three VTP modes: server, transparent and client. In server mode, administrators can create, modify and delete VLANs for the entire VTP management domain. By default, VTP uses no authentication and the switch is in VTP server mode.

If VTP is necessary, verify the following: VTP management domain is established. A strong password is assigned to the VTP management domain. Non-management switches are configured in client mode.
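The three VTP checks above, applied to `show vtp status` output. This is an added example, not part of the original slides; the status excerpts are constructed, their field layout is assumed from classic IOS output, and the domain name, function names and finding names are hypothetical. Password strength cannot be read from this output, so the caller states whether a password is set (for instance after reviewing `show vtp password`).

```python
# Constructed `show vtp status` excerpts (field layout is an assumption).
SERVER_DEFAULT = """\
VTP Version                     : 2
Configuration Revision          : 0
VTP Operating Mode              : Server
VTP Domain Name                 :
"""
CLIENT_OK = """\
VTP Version                     : 2
Configuration Revision          : 14
VTP Operating Mode              : Client
VTP Domain Name                 : CAMPUS-EXAMPLE
"""

def parse_vtp_status(text):
    """Turn 'Field : value' lines into a dict; an empty value means unset."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    return fields

def audit_vtp(status_text, password_configured, is_management_switch):
    """Return the list of failed checks for one switch."""
    fields = parse_vtp_status(status_text)
    mode = fields.get("VTP Operating Mode", "").lower()
    findings = []
    # A transparent or off switch does not take its VLAN database from the
    # domain, so the "if VTP is necessary" checks do not apply to it.
    if mode in ("transparent", "off"):
        return findings
    if not fields.get("VTP Domain Name"):
        findings.append("no-vtp-domain")
    if not password_configured:
        findings.append("no-vtp-password")
    # Only designated management switches should be able to edit the domain's VLANs.
    if mode == "server" and not is_management_switch:
        findings.append("non-management-switch-in-server-mode")
    return findings
```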

By auditing devices for these basic hardening steps, the overall security of the network can be improved. However, in all cases, a comprehensive review should be performed. Reference the works cited page for links to documented security configuration benchmarks and checklists.

Mark Krawczyk

Router Security Guidance Activity of the System and Network Attack Center (SNAC), Cisco IOS Switch Security Configuration Guide, Center for Internet Security, US-CERT, Information Assurance Support Environment, SANS Institute InfoSec Reading Room - Cisco Router Hardening Step-by-Step Cisco Checklist - Configuring a Cisco Router with TACACS+ Authentication. access-control-system-tacacs-/13865-tacplus.html Cisco Guide to Harden Cisco IOS Devices, Document ID: Various Articles related to Cisco device security, NIST – National Vulnerability Database ISACA –