1 Putting 2 & 2 Together By Stephen Dugan, CCSI

2 Introduction: Welcome to the presentation and thank you for coming! Who is the speaker? What is the focus of the presentation?

3 Agenda: Introduction; Section 1 – Current Design Best Practices; Section 2 – Emerging Design Practices; Extras?

4 Section 1 Current Design Model

5 Building Block of Network Design [Diagram labels: Access; Distribution; Core; WAN; Internet; PSTN; Server Farm; Building Block Additions; Ethernet, Layer 2 or Layer 3]

6 Section 1 – Current Design Model. Features: Link redundancy; Load-Sharing; Fast Convergence; Manageable; Scalable; Security could be stronger….

7 Section 1 – Current Design Model. L2 Functions that provide security: Root Guard; PortFast; BPDU Guard; Port Security; Management VLAN; Private VLANs

8 Section 1 – Current Design Model. L3 Functions that provide security: ACLs at Distribution Layer (Ingress - Egress from Core); Route Filtering; Network Based IDS (if used?!?)

9 Section 1 – Current Design Model. Hard issues to address with this design: HSRP insecurities; STP weaknesses; ARP Spoofing; Common mis-configurations

10 Section 2 Emerging Changes to Design Model

11 Section 2 – Emerging Changes. The main change focuses on bringing Layer 3 routing functionality close to the end stations, or R2D: Routing to Desktop.

12 Section 2 – Emerging Changes. Access: Layer 3; Distribution: Layer 3; Core: L2 or L3. From the physical layout it looks the same (good news: no rewire!)

13 Section 2 – Emerging Changes. With L3 capabilities within the Access-Layer box: HSRP isn’t needed; STP is irrelevant; Routing to Distribution Layer; Concept of “Private-VLANs” can be implemented easily

14 Section 2 – Emerging Changes. Security Problems Solved: ARP Spoofing; ROOT Take over; HSRP MiTM Attack (or DOS); Better QOS handling (NBAR)

15 Section 2 – Emerging Changes [Diagram labels: Access Layer; GigE; Dist.; OSPF or EIGRP; VLAN 2; VLAN 3; VLAN 4; VLAN 5; VLAN 6]

16 Links. General Cisco Security: ml#http; ents/IOSEssentialsPDF.zip; /epso/sqfr/safe_wp.htm. Design: /lnso/cpso/gcnd_wp.htm

17 Thank you for coming!! Special thanks to Jeff Moss, Keith Myers and the rest of the Black Hat Crew.