Presentation is loading. Please wait.

Presentation is loading. Please wait.

1/117 Switch internals Floor SwitchCore Switch L3 Default NSNA port VLAN L2 Filter NSNA default VLANs access Filter per VLAN DHCP Relay Agent DHCP Relay.

Published byLorraine Spencer Modified over 8 years ago

Similar presentations

Presentation on theme: "1/117 Switch internals Floor SwitchCore Switch L3 Default NSNA port VLAN L2 Filter NSNA default VLANs access Filter per VLAN DHCP Relay Agent DHCP Relay."— Presentation transcript:

1 1/117 Switch internals Floor SwitchCore Switch L3 Default NSNA port VLAN L2 Filter NSNA default VLANs access Filter per VLAN DHCP Relay Agent DHCP Relay additional VLANs VoIP drop all except: DHCP, DNS ARP, ICMP, UNISTIM UDP port RTP UPD ports Filter restrict each VLAN down to the minimum of communication Department: devolvement drop all except: DHCP, DNS, ARP, SMB HTTP/HTTPS destined to SNAS restricted drop all except: DHCP, DNS, ARP, SMB HTTP/HTTPS destined to SNAS Guest drop all except: DHCP, DNS, ARP, ICMP HTTP/HTTPS destined to SNAS all traffic to internet Printer drop all except: DHCP, DNS ARP, ICMP, LPR, IPP, TCP/515 & 9100 All from source Print Server Remediation drop all except: DHCP, DNS, ARP, ICMP HTTP/HTTPS destined to SNAS all traffic to Yellow-1 Subnet Department: engineering drop all except: DHCP, DNS, ARP, SMB HTTP/HTTPS destined to SNAS Port assignment either static or 802.1x or NSNA

2 2/117 Enter the network SNASFloor SwitchCore Switch L3 DHCPDNS LDAP Radius request IP start Internet Explorer and open a web page (www.google.com) Login through the captive portal validate user connect PC Tunnel Guard check L2 DHCP provides IP = red VLAN IP DNS = SNAS VIP PC DNS query goes to the SNAS VIP and get the VIP back www.google.com = SNAS VIP

3 3/117 Integrity check fails Floor SwitchCore Switch DHCPDNSRemediation corporate policy compliant L2 reconfigure switch => NO inform Access Controller issue new IP (triggered through TG) TG inform third party application L3 SNAS

4 4/117 Integrity check fails => pass Floor SwitchCore Switch Server Farm DHCPDNS L2L3 corporate policy compliant reconfigure switch inform Access Controller issue new IP (triggered through TG) => OK ready to work SNAS

5 5/117 Integrity check pass Floor SwitchCore Switch Server Farm DHCPDNS L2L3 corporate policy compliant reconfigure switch inform Access Controller issue new IP (triggered through TG) => OK ready to work SNAS

6 6/117 Voice over IP (i200x) Floor SwitchCore Switch central voice services DHCPDNS L2L3 connect IP phone DHCP-SV provide the VLAN ID request IP ready to work SNAS inform Access Controller tagging DHCP offer with VLAN tag ID with IP from white IP range DHCP provide the call SV parameter request IP again with VLAN ID tag

Download ppt "1/117 Switch internals Floor SwitchCore Switch L3 Default NSNA port VLAN L2 Filter NSNA default VLANs access Filter per VLAN DHCP Relay Agent DHCP Relay."

Similar presentations

Everything.

Everything.
KX-HGT100 SIP-Phone. KX-HGT100 Configuration (1) User name: KX-HGT100 Password: kx-hgt100 1.Connect the HGT100 to the LAN via a suitable switch port 2.Power.

KX-HGT100 SIP-Phone. KX-HGT100 Configuration (1) User name: KX-HGT100 Password: kx-hgt100 1.Connect the HGT100 to the LAN via a suitable switch port 2.Power.
©2012 ClearOne Communications. Confidential and proprietary. COLLABORATE ® Video Conferencing Networking Basics.

©2012 ClearOne Communications. Confidential and proprietary. COLLABORATE ® Video Conferencing Networking Basics.
CCNPv5 Minimizing Service Loss and Data Theft in a Campus Network 1 Minimizing Service Loss and Data Theft in a Switched BCMSN Module 8 – Sec 2.

CCNPv5 Minimizing Service Loss and Data Theft in a Campus Network 1 Minimizing Service Loss and Data Theft in a Switched BCMSN Module 8 – Sec 2.
11 TROUBLESHOOTING Chapter 12. Chapter 12: TROUBLESHOOTING2 OVERVIEW  Determine whether a network communications problem is related to TCP/IP.  Understand.

11 TROUBLESHOOTING Chapter 12. Chapter 12: TROUBLESHOOTING2 OVERVIEW  Determine whether a network communications problem is related to TCP/IP.  Understand.
WAN Connectivity The VMO Wide Area Network will extend between all stores, offices, and Lyon, France We have designed a highly redundant network with.

WAN Connectivity The VMO Wide Area Network will extend between all stores, offices, and Lyon, France We have designed a highly redundant network with.
1 Some TCP/IP Basics....NFSDNSTELNETSMTPFTP UDPTCP IP and ICMP Ethernet, serial line,..etc. Application Layer Transport Layer Network Layer Low-level &

1 Some TCP/IP Basics....NFSDNSTELNETSMTPFTP UDPTCP IP and ICMP Ethernet, serial line,..etc. Application Layer Transport Layer Network Layer Low-level &
CCNA Guide to Cisco Networking Fundamentals Fourth Edition Chapter 9 Network Services.

CCNA Guide to Cisco Networking Fundamentals Fourth Edition Chapter 9 Network Services.
網際網路協定基礎介紹 Data Communications and Computer Networks: A Business User’s Approach Fifth Edition (Chap 10)

網際網路協定基礎介紹 Data Communications and Computer Networks: A Business User’s Approach Fifth Edition (Chap 10)
H.323/ SIP Internet Telephony Gateway

H.323/ SIP Internet Telephony Gateway
Everything. MACIP End-host IP: 10.1.2.3 MAC: 11:11:11:11:11 gateway IP: 10.1.2.1 MAC: 22:22:22:22:22 Google server IP: 201.1.2.3 MACIP MACInterfaceMACInterface.

Everything. MACIP End-host IP: MAC: 11:11:11:11:11 gateway IP: MAC: 22:22:22:22:22 Google server IP: MACIP MACInterfaceMACInterface.
Lecture 8 Modeling & Simulation of Communication Networks.

Lecture 8 Modeling & Simulation of Communication Networks.
1 Enabling Secure Internet Access with ISA Server.

1 Enabling Secure Internet Access with ISA Server.
Virtual LANs. VLAN introduction VLANs logically segment switched networks based on the functions, project teams, or applications of the organization regardless.

Virtual LANs. VLAN introduction VLANs logically segment switched networks based on the functions, project teams, or applications of the organization regardless.
RADIUS Server (Brocade Controller)

RADIUS Server (Brocade Controller)
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Application Layer Functionality and Protocols Network Fundamentals – Chapter 3.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Application Layer Functionality and Protocols Network Fundamentals – Chapter 3.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 9 Network Policy and Access Services in Windows Server 2008.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 9 Network Policy and Access Services in Windows Server 2008.
Advanced Networking for DVRs

Advanced Networking for DVRs
1 Chapter 6 Network Security Threats. 2 Objectives In this chapter, you will: Learn how to defend against packet sniffers Understand the TCP, UDP, and.

1 Chapter 6 Network Security Threats. 2 Objectives In this chapter, you will: Learn how to defend against packet sniffers Understand the TCP, UDP, and.
CNT-150VT. Question #1 Your name Question #2 Your computer number ##

CNT-150VT. Question #1 Your name Question #2 Your computer number ##

Similar presentations

Ads by Google