© 2015 Mohamed Samir YouTube channel All rights reserved. www.mohamedsamir.comMohamed Samir CCNP-SWITCHING 300-115 Mohamed Samir YouTube channel Double.

Slides:



Advertisements
Similar presentations
Securing the Router Chris Cunningham.
Advertisements

Radius based ssh authentication Location of Radius server – radius-server host auth-port 1812 acct-port 1813 key WinRadius – The same config.
Part III Working with Redundant Links
© 2012 Cisco and/or its affiliates. All rights reserved. 1 CCNA Security 1.1 Instructional Resource Chapter 3 – Authentication, Authorization and Accounting.
© 2015 Mohamed Samir YouTube channel All rights reserved. Samir CCNP-SWITCHING Mohamed Samir YouTube channel.
Part III Working with Redundant Links
© 2015 Mohamed Samir YouTube channel All rights reserved. Samir CCNP-SWITCHING Mohamed Samir YouTube channel Double.
Part III Working with Redundant Links
© 2015 Mohamed Samir YouTube channel All rights reserved. Samir CCNP-SWITCHING Mohamed Samir YouTube channel.
Part IV: Multilayer Switching
SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.
(Remote Access Security) AAA. 2 Authentication User named "flannery" dials into an access server that is configured with CHAP. The access server will.
© 2007 Cisco Systems, Inc. All rights reserved.ISCW-Mod5_L11 1 Implementing Secure Converged Wide Area Networks (ISCW)
Chapter Three Authentication, Authorization, and Accounting
Chapter 16 AAA. AAA Components  AAA server –Authenticates users accessing a device or network –Authorizes user to perform specific activities –Performs.
© 2009 Cisco Systems, Inc. All rights reserved. SWITCH v1.0—7-1 Minimizing Service Loss and Data Theft Understanding Switch Security Issues.
© 2015 Mohamed Samir YouTube channel All rights reserved. Samir CCNP-SWITCHING Mohamed Samir YouTube channel Double.
Setup a Cisco Switch with AAA Server CS580 Winter 2005 Presented by: Chris Orona Kevork Tamamian Xuong Tsan.
Authentication, Authorization, and Accounting
© 2015 Mohamed Samir YouTube channel All rights reserved. Samir CCNP-SWITCHING Mohamed Samir YouTube channel Double.
Chapter 18 RADIUS. RADIUS  Remote Authentication Dial-In User Service  Protocol used for communication between NAS and AAA server  Supports authentication,
802.1x Port Authentication via RADIUS By Oswaldo Perdomo cs580 Network Security.
1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved.
S6C12 - AAA AAA Facts. AAA Defined Authentication, Authorization, and Accounting Central Management of AAA –Information in a single, centralized, secure.
Brian Dwyer – CITA370. Introduction  Network Device Security  Identity Management AAA Process Model ○ Authentication ○ Authorization ○ Accounting (Sometimes.
Chapter 17 TACACS+.
© 2009 Cisco Systems, Inc. All rights reserved. SWITCH v1.0—7-1 Minimizing Service Loss and Data Theft Securing Network Services.
CCENT Review. Put the following descriptions in order from Layer 7 to Layer 1 and give the name of each layer.
Network Security1 – Chapter 3 – Device Security (B) Security of major devices: How to protect the device against attacks aimed at compromising the device.
Privilege Levels Cisco IOS provides for 16 different privilege levels ranging from 0 to 15. Cisco IOS comes with 2 predefined user levels. User mode.
© 2011 Internetwork All rights reserved. Cell: Samir CCNP-SWITCHING Mohamed Samir YouTube.
Router Hardening Nancy Grover, CISSP ISC2/ISSA Security Conference November 2004.
Part V: Monitoring Campus Networks
1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved. CNIT 221 Security 1 ver.2 Module 7 City College.
1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved. CNIT 221 Security 1 ver.2 Module 5 City College.
© 2015 Mohamed Samir YouTube channel All rights reserved. Samir CCNP-SWITCHING Mohamed Samir YouTube channel.
© 1999, Cisco Systems, Inc. 3-1 Configuring the Network Access Server for AAA Security.
1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved.
1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved.
Chapter 3: Authentication, Authorization, and Accounting
Part VI: Implementing High Availability
1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved.
1 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Remote access typically involves allowing telnet, SSH connections to the router Remote requires.
© 2015 Mohamed Samir YouTube channel All rights reserved. Samir CCNP-SWITCHING Mohamed Samir YouTube channel Double.
User Access to Router Securing Access.
© 2015 Mohamed Samir YouTube channel All rights reserved. Samir Part III Working with Redundant Links.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 EDCS- Call Accounting and Call Detail Record Collection for UC500 Marcos.
1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved.
© 2015 Mohamed Samir YouTube channel All rights reserved. Samir Part V: Monitoring Campus Networks.
1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved. CNIT 221 Security 1 ver.2 Module 6 City College.
Chapter 3: Authentication, Authorization, and Accounting
1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved.
© 2015 Mohamed Samir YouTube channel All rights reserved. Samir Enterprise Network.
© 2015 Mohamed Samir YouTube channel All rights reserved. Samir Agenda Instructor introduction 1. Introduction toEldarin 2.
AAA Services Authentication -Who ? -Management of the user’s identity Authorization -What can the user do? -Management of the granted services Accounting.
© 2015 Mohamed Samir YouTube channel All rights reserved. Samir CCNP-SWITCHING Mohamed Samir YouTube channel Double.
Configuring AAA Kamyar Miremadi Laila Sherif Summer 2005.
RADIUS What it is Remote Authentication Dial-In User Service
© 2004, Cisco Systems, Inc. All rights reserved. CSPFA 3.2—3-1 Lesson 3 Cisco PIX Firewall Technology and Features.
Lesson 2a © 2005 Cisco Systems, Inc. All rights reserved. SNPA v4.0—2-1 Firewall Technologies and the Cisco Security Appliance.
Access Control Authentication, Authorization, and Accounting
© 2007 Cisco Systems, Inc. All rights reserved.ICND1 v1.0—4-1 LAN Connections Understanding Cisco Router Security.
Chapter 2: Configure a Network Operating System
Access Control Chapter 3 Part 4 Pages 227 to 241.
Cisco Exam Questions IMPLEMENTING CISCO IOS NETWORK SECURITY (IINS V2.0) VERSION: Presents: 1.
Information Security Professionals
Marcos Hernandez, SMB Technical Marketing Engineer
Cisco Real Exam Dumps IT-Dumps
Ch. 7 Network Management CIS 187 Multilayer Switched Networks CCNP version 7 Rick Graziani Spring 2016.
Review - week 4 Basic device access security
Presentation transcript:

© 2015 Mohamed Samir YouTube channel All rights reserved. Samir CCNP-SWITCHING Mohamed Samir YouTube channel Double CCIEs #27042(R/S&SP)

© 2015 Mohamed Samir YouTube channel All rights reserved. Samir Part VII: Securing Switched Networks

© 2015 Mohamed Samir YouTube channel All rights reserved. Samir Managing Switch Users

© 2015 Mohamed Samir YouTube channel All rights reserved. Samir AAA Authentication: Who is the user? Authorization: What is the user allowed to do? Accounting: What did the user do? AAA functions that are centralized, standardized, resilient, and flexible. Cisco switches can use the following two protocols to communicate with AAA servers: TACACS+: A Cisco proprietary secure and encrypted over TCP port 49 RADIUS: A standards-based uses UDP ports 1812 and 1813 (accounting), but is not completely encrypted

© 2015 Mohamed Samir YouTube channel All rights reserved. Samir Configuring Authentication Switch(config)# aaa new-model Switch(config)# username lastresort password Switch(config)# tacacs-server host key Switch(config)# tacacs-server host key Switch(config)# aaa group server tacacs+ myauthservers Switch(config-sg)# server Switch(config-sg)# server Switch(config-sg)# exit Switch(config)# aaa authentication login myauth group myauthservers local Switch(config)# line vty 0 15 Switch(config-line)# login authentication myauth

© 2015 Mohamed Samir YouTube channel All rights reserved. Samir Configuring Authorization Switch(config)# aaa authorization {commands | config-commands| configuration | exec | network | reverse-access} {default |list-name} method1 [method2...] For specific line Switch(config-line)# authorization {commands level | exec | reverse- access} {default | list-name} For all line Switch(config)# aaa authorization exec default group myauthservers none

© 2015 Mohamed Samir YouTube channel All rights reserved. Samir Configuring Accounting Switch(config)# aaa accounting {system | exec | commands level} {default | list-name} {start-stop | stop-only | wait-start | none} method1 [method2 For specific line Switch(config-line)# accounting {commands level | connection | exec} {default | list-name}

© 2015 Mohamed Samir YouTube channel All rights reserved. Samir Any questions ?

© 2015 Mohamed Samir YouTube channel All rights reserved. Samir Thank you for your time ! شكرا جزاكم الله خير

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.