© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public.
Enterprise Network Security
Accessing the WAN – Chapter 4

Presentation transcript:

Objectives
• Describe the general methods used to mitigate security threats to Enterprise networks
• Configure Basic Router Security
• Explain how to disable unused Cisco router network services and interfaces
• Explain how to use Cisco SDM
• Manage Cisco IOS devices

Reconnaissance (also scouting) is a military and medical term denoting exploration conducted to gain information.

What is a Security Policy?
• A statement of rules by which people who are given access to an organization’s technology and information assets must abide

Functions of a Security Policy
• Protects people and information
• Sets rules for specific behavior by users, system administrators, management and security personnel
• Authorizes security personnel to monitor, probe and investigate
• Defines and authorizes the consequences of violations

Applying Cisco IOS Security Features to Routers
1. Manage router security
2. Secure remote administrative access to routers
3. Logging router activity
4. Secure vulnerable router services and interfaces
5. Secure router protocols
6. Control and filter network traffic

Passphrase Examples
• “All people seem to need data processing”: Apstndp
• “My favourite spy is James Bond 007”: Mfsijb007
• “It was the best of times, it was the worst of times”: iwtbotiwtwot
• “Fly me to the moon and let me play among the stars”: fmttmalmpats

Vulnerable Router Services

SNMP, NTP, and DNS Vulnerabilities

Protocol   Vulnerability
SNMP       Versions 1 & 2 pass management information & community strings (passwords) in clear text
NTP        Leaves listening ports open and vulnerable
DNS        Can help attackers connect IP addresses to domain names

Security Device Manager (SDM)

Cisco SDM Features
• Embedded web-based management tools
• Intelligent wizards
• Tools for more advanced users
  – ACL
  – VPN
  – Crypto map editor
  – Cisco IOS CLI preview

Cisco IOS Troubleshooting Commands

                            SHOW            DEBUG
Processing characteristic   Static          Dynamic
Processing load             Low overhead    High overhead
Primary use                 Gather facts    Observe processes

Summary
• Security Threats to an Enterprise network include:
  – Unstructured threats
  – Structured threats
  – External threats
  – Internal threats
• Methods to lessen security threats consist of:
  – Device hardening
  – Use of antivirus software
  – Firewalls
  – Download security updates

Summary
• Basic router security involves the following:
  – Physical security
  – Update and backup IOS
  – Backup configuration files
  – Password configuration
  – Logging router activity
• Disable unused router interfaces & services to minimize their exploitation by intruders
• Cisco SDM
  – A web-based management tool for configuring security measures on Cisco routers

Summary
• Cisco IOS Integrated File System (IFS)
  – Allows for the creation, navigation & manipulation of directories on a Cisco device
