Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 11: It’s a Network

Published byJulie Underwood Modified over 6 years ago

Similar presentations

Presentation on theme: "Chapter 11: It’s a Network"— Presentation transcript:

1 Chapter 11: It’s a Network
Cisco Networking Academy program Introduction to Networking Chapter 11: It’s a Network Introduction to Networking

2 Chapter 11 11.0 Introduction 11.1 Create and Grow 11.2 Keeping the Network Safe 11.3 Basic Network Performance 11.4 Managing IOS Configuration Files 11.5 Integrated Routing Services 11.6 Summary Chapter 11

3 11.1 Create and Grow 11.1 Create and Grow

4 Devices in a Small Network Redundancy in a Small Network
Redundancy helps to eliminate single points of failure. Improves the reliability of the network. Redundancy in a Small Network

5 Devices in a Small Network Design Considerations for a Small Network
The following should be included in the network design: Secure file and mail servers in a centralized location. Protect the location by physical and logical security measures. Create redundancy in the server farm. Configure redundant paths to the servers. Design Considerations for a Small Network

6 IP telephony – The IP phone itself performs voice-to-IP conversion.
Protocols in a Small Network Real-Time Applications for a Small Network  Real-time applications require planning and dedicated services to ensure priority delivery of voice and video traffic. VoIP – Is implemented in organizations that still use traditional telephones. IP telephony – The IP phone itself performs voice-to-IP conversion. Real-time Video Protocols – Use Time Transport Protocol (RTP) and Real-Time Transport Control Protocol (RTCP). Real-Time Transport Protocol (RTP) works with UDP to provide rapid delivery of streaming media user. Real-Time Applications for a Small Network

7 Growing to Larger Networks Scaling a Small Network
Important considerations when growing to a larger network: Documentation –Physical and logical topology. Budget – Itemized IT expense items, including the amount of money allocated to equipment purchase for that fiscal year. Traffic Analysis – Protocols, applications, and services and their respective traffic requirements should be documented. Scaling a Small Network

8 11.2 Keeping the Network Safe

9 Network Device Security Measures Threats to Network Security
Categories of Threats to Network Security Categories of Threats to Network Security

10 Network Device Security Measures Types of Security Vulnerabilities
Types of Security Weaknesses: Technological Configuration Security policy Types of Security Vulnerabilities

11 Vulnerabilities and Network Attacks Viruses, Worms and Trojan Horses
Virus – Malicious software that is attached to another program to execute a particular unwanted function on a workstation. Trojan horse – An entire application written to look like something else, when in fact it is an attack tool. Worms – Worms are self-contained programs that attack a system and try to exploit a specific vulnerability in the target. The worm copies its program from the attacking host to the newly exploited system to begin the cycle again. Viruses, Worms and Trojan Horses

12 Vulnerabilities and Network Attacks Denial of Service Attacks (DoS)
DoS Attacks

13 Mitigating Network Attacks Backup, Upgrade, Update, and Patch
Antivirus software can detect most viruses and many Trojan horse applications and prevent them from spreading in the network. Keep current with the latest versions of antivirus software. Install updated security patches. Backup, Upgrade, Update, and Patch

14 Authentication, Authorization, and Accounting (AAA, or “triple A”)
Mitigating Network Attacks Authentication, Authorization, and Accounting Authentication, Authorization, and Accounting (AAA, or “triple A”)  Authentication – Users and administrators must prove their identity. Authentication can be established using username and password combinations, challenge and response questions, token cards, and other methods. Authorization – Determines which resources the user can access and the operations that the user is allowed to perform. Accounting – Records what the user accessed, the Accounting keeps track of the actions of the user. Authentication, Authorization, and Accounting

15 Mitigating Network Attacks Firewalls
A Firewall resides between two or more networks. It controls traffic and helps prevent unauthorized access. Methods used are: Packet Filtering Application Filtering URL Filtering Firewalls Firewalls

16 Securing Devices Introduction to Securing Devices
Part of network security is securing devices, including end devices and intermediate devices. Default usernames and passwords should be changed immediately. Access to system resources should be restricted to only the individuals that are authorized to use those resources. Any unnecessary services and applications should be turned off and uninstalled, when possible. Update with security patches as they become available. Introduction to Securing Devices

17 Securing Devices Passwords
Weak and Strong Passwords Passwords

18 Securing Devices Basic Security Practices
Encrypt passwords. Require minimum length passwords. Block brute force attacks. which help mitigate brute-force password attacks against the router Use Banner Message.  Basic Security Practices

19 Securing Devices Enable SSH

20 11.3 Basic Network Performance

21 Tracert Interpreting Tracert Messages

22 Show Commands Viewing Router Settings With Show Version
Cisco IOS Version System Bootstrap  Cisco IOS Image CPU and RAM Number and Type of Physical Interfaces  Viewing Router Settings with the Show Version Command Amount of NVRAM Amount of Flash Configuration Register

23 Show Commands Viewing Switch Settings With Show Version
show version Command Viewing Switch Settings with Show Version

24 Host and IOS Commands ipconfig Command Options
ipconfig – Displays ip address, subnet mask, default gateway. ipconfig /all – Also displays MAC address. ipconfig /displaydns – Displays all cached dns entries in a Windows system. ipconfig Command Options

25 Host and IOS Commands arp Command Options

26 Host and IOS Commands Using show ip interface brief Command
show ip interface brief command-used to verify the status of all network interfaces on a router or a switch. Using the show ip interface brief Command

27 11.4 Managing IOS Configuration Files

28 Backup and Restore Configuration Files Backup and Restore Using TFTP
Configuration files can be stored on a Trivial File Transfer Protocol (TFTP) server. copy running-config tftp – Save running configuration to a tftp server. copy startup-config tftp – Save startup configuration to a tftp server. Backing up and Restore using TFTP

29 11.5 Integrated Routing Services

30 Integrated Router Wireless Capability
Wireless Mode – Most integrated wireless routers support b, g and n. Service Set Identifier (SSID) – Case-sensitive, alpha-numeric name for your home wireless network. Wireless Channel – RF spectrum can be divided up into channels. Linksys Wireless Settings Wireless Capability

31 Integrated Router Basic Security of Wireless
Change default values Disable SSID broadcasting Configure Encryption using WEP or WPA Wired Equivalency Protocol (WEP) - Uses pre-configured keys to encrypt and decrypt data. Every wireless device allowed to access the network must have the same WEP key entered. Wi-Fi Protected Access (WPA) – Also uses encryption keys from 64 bits up to 256 bits. New keys are generated each time a connection is established with the AP; therefore, more secure. Basic Security of Wireless

32 Integrated Router Configuring the Integrated Router
Step 1 - Access the router by cabling a computer to one of the router’s LAN Ethernet ports. Step 2 - The connecting device will automatically obtain IP addressing information from Integrated Router. Step 3 - Change default username and password and the default Linksys IP address for security purposes. Initial Access to the Router Configuring the Integrated Router

33 Integrated Router Enabling Wireless
Step 1 - Configure the wireless mode Step 2 - Configure the SSID Step 3 - Configure RF channel Step 4 - Configure any desired security encryption Enabling Wireless

34 Integrated Router Configure a Wireless Client
The wireless client configuration settings must match that of the wireless router.  SSID Security Settings Channel Wireless client software can be integrated into the device operating system or stand alone, downloadable, wireless utility software. Configure a Wireless Client

35 Chapter 11: Summary In this chapter, you learned:
Good network design incorporates reliability, scalability, and availability. Networks must be secured from viruses, Trojan horses, worms and network attacks. The importance of documenting Basic Network Performance. How to test network connectivity using ping and traceroute. How to use IOS commands to monitor and view information about the network and network devices. How to backup configuration files using TFTP or USB. Home networks and small business often use integrated routers, which provide the functions of a switch, router and wireless access point. 11.6 Summary

36

Download ppt "Chapter 11: It’s a Network"

Similar presentations

Chapter 11: It’s a Network

Chapter 11: It’s a Network
Introduction to Networks

Introduction to Networks
Chapter 11: It’s a Network

Chapter 11: It’s a Network
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 11: Its a Network Introduction to Networking.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 11: Its a Network Introduction to Networking.
Managing Cisco IOS Software. Overview The router boot sequence Locating IOS software The configuration register Recovering Passwords Backing Up the Cisco.

Managing Cisco IOS Software. Overview The router boot sequence Locating IOS software The configuration register Recovering Passwords Backing Up the Cisco.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 13: Planning Server and Network Security.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 13: Planning Server and Network Security.
System and Network Security Practices COEN 351 E-Commerce Security.

System and Network Security Practices COEN 351 E-Commerce Security.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Improving Security. Networking Terms Node –Any device on a network Protocol –Communication standards Host –A node on a network Workstation 1.A PC 2.A.

Improving Security. Networking Terms Node –Any device on a network Protocol –Communication standards Host –A node on a network Workstation 1.A PC 2.A.
Enterprise Network Security Accessing the WAN Lecture week 4.

Enterprise Network Security Accessing the WAN Lecture week 4.
COEN 252: Computer Forensics Router Investigation.

COEN 252: Computer Forensics Router Investigation.
1 Chapter 6 Network Security Threats. 2 Objectives In this chapter, you will: Learn how to defend against packet sniffers Understand the TCP, UDP, and.

1 Chapter 6 Network Security Threats. 2 Objectives In this chapter, you will: Learn how to defend against packet sniffers Understand the TCP, UDP, and.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Release 16/07/2009Jetking Infotrain Ltd. Basic Router Configuration Chapter 5.

Release 16/07/2009Jetking Infotrain Ltd. Basic Router Configuration Chapter 5.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 1: Introduction to Scaling Networks Scaling Networks.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 1: Introduction to Scaling Networks Scaling Networks.
Discovery 2 Internetworking Module 8 JEOPARDY K. Martin.

Discovery 2 Internetworking Module 8 JEOPARDY K. Martin.
1 Router Fundamentals (Ref. CCNA5 Introduction to Networks 2.1, 6.3)

1 Router Fundamentals (Ref. CCNA5 Introduction to Networks 2.1, 6.3)
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Router Initialization steps.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Router Initialization steps.

Similar presentations

Ads by Google