Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 2: Basic Switching Concepts and Configuration

Published byDaniela Norman Modified over 6 years ago

Similar presentations

Presentation on theme: "Chapter 2: Basic Switching Concepts and Configuration"— Presentation transcript:

1 Chapter 2: Basic Switching Concepts and Configuration
Cisco Networking Academy program Routing & Switching Chapter 2: Introduction to Switched Networks Routing and Switching

2 Configuring Switch Ports Duplex Communication

3 Configuring Switch Ports Configuring Switch Ports at the Physical Layer

4 Configuring Switch Ports Auto-MDIX Feature
Certain cable types (straight-through or crossover) were historically required when connecting devices. The automatic medium-dependent interface crossover (auto-MDIX) feature eliminates this problem. When auto-MDIX is enabled, the interface automatically detects and appropriately configures the connection. When using auto-MDIX on an interface, the interface speed and duplex must be set to auto. Auto-MDIX Feature

5 Configuring Switch Ports Verifying Switch Port Configuration

6 Configuring Switch Ports Network Access Layer Issues

7 Configuring Switch Ports Network Access Layer Issues (cont.)

8 Basic Switch Configuration Preparing for Basic Switch Management
To remotely manage a Cisco switch, it must be configured to access the network. An IP address and a subnet mask must be configured. switch virtual interface (SVI). If managing the switch from a remote network, a default gateway must also be configured. Preparing for Basic Switch Management

9 Basic Switch Configuration Preparing for Basic Switch Management (cont

10 Basic Switch Configuration Preparing for Basic Switch Management (cont

11 Secure Remote Access SSH Operation
Because its strong encryption features, SSH should replace Telnet for management connections. SSH uses TCP port 22, by default. Telnet uses TCP port 23. SSH Operation

12 Secure Remote Access SSH Operation (cont.)

13 Secure Remote Access Configuring SSH

14 Security Concerns in LANs MAC Address Flooding
Switches automatically populate their CAM tables by watching traffic entering their ports. Switches forward traffic trough all ports if it cannot find the destination MAC in its CAM table. Such tool is a program created to generate and send out frames with bogus source MAC addresses to the switch port. MAC Address Flooding

15 Security Concerns in LANs MAC Address Flooding (cont.)

16 Security Concerns in LANs DHCP Spoofing
DHCP is a network protocol used to automatically assign IP information. DHCP Spoofing

17 Security Best Practices 10 Best Practices
Develop a written security policy for the organization. Shut down unused services and ports. Use strong passwords and change them often. Control physical access to devices. Use HTTPS instead of HTTP. Perform backup operations on a regular basis. Educate employees about social engineering attacks. Encrypt and password-protect sensitive data. Implement firewalls. Keep software up-to-date. Best Practices

18 Switch Port Security Secure Unused Ports
Disabling unused ports is a simple, yet efficient security guideline. Secure Unused Ports

19 Switch Port Security DHCP Snooping
DHCP Snooping specifies which switch ports can respond to DHCP requests DHCP Snooping

20 Switch Port Security Port Security: Operation
Port security limits the number of valid MAC addresses allowed on a port. Secure MAC addresses can be configured in a number of ways: Static secure MAC addresses Dynamic secure MAC addresses Sticky secure MAC addresses Port Security: Operation

21 Switch Port Security Port Security: Violation Modes
There are three possible actions to take when a violation is detected: Protect Restrict Shutdown Port Security: Violation Modes

22 Switch Port Security Dynamic Port Security Defaults

23 Switch Port Security Configuring Dynamic Port Security

24 Switch Port Security Configuring Port Security Sticky

25 Switch Port Security Verifying Port Security Sticky

26 Switch Port Security Verifying Port Security Stick – Running Configuration

27 Switch Port Security Ports in Error Disabled State
A port security violation can put a switch in error disabled state. A port in error disabled is effectively shutdown. The switch communicates these events through console messages. Ports in Error Disabled State

28 Switch Port Security Ports in Error Disabled State (cont.)
The show interface command also reveals a switch port on error disabled state. Ports In Error Disabled State

29 Switch Port Security Ports in Error Disabled State (cont.)
A shutdown or no shutdown interface configuration mode command must be issued to re-enable the port. Ports In Error Disabled State

30 Switch Port Security Network Time Protocol
The Network Time Protocol (NTP) is used to synchronize the clocks of computer systems data networks. Time sources can be: Local master clock Master clock on the Internet GPS or atomic clock Network Time Protocol (NTP) More info can be found at:

31 Switch Port Security Configuring NTP
More info can be found at:

32 Switch Port Security Verifying NTP
More info can be found at:

33

Download ppt "Chapter 2: Basic Switching Concepts and Configuration"

Similar presentations

Mitigating Layer 2 Attacks

Mitigating Layer 2 Attacks
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 2: Introduction to Switched Networks Routing And Switching 2.0.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 2: Introduction to Switched Networks Routing And Switching 2.0.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Common Layer 2 Attacks and Countermeasures.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Common Layer 2 Attacks and Countermeasures.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 2: Introduction to Switched Networks Routing and Switching.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 2: Introduction to Switched Networks Routing and Switching.
Chapter 2: Introduction to Switched Networks

Chapter 2: Introduction to Switched Networks
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 2: Introduction to Switched Networks Routing and Switching.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 2: Introduction to Switched Networks Routing and Switching.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 5: Inter-VLAN Routing Routing & Switching.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 5: Inter-VLAN Routing Routing & Switching.
Sybex CCENT 100-101 Chapter 10: Layer 2 Switching Instructor & Todd Lammle.

Sybex CCENT Chapter 10: Layer 2 Switching Instructor & Todd Lammle.
1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved.

1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved.
1 Routing Introduction to Routing Static Routing.

1 Routing Introduction to Routing Static Routing.
Switch Concepts and Configuration and Configuration Part II Advanced Computer Networks.

Switch Concepts and Configuration and Configuration Part II Advanced Computer Networks.
TCP/SYN Attack – use ACL to allow traffic from TCP connections that were established from the internal network and block packets from an external network.

TCP/SYN Attack – use ACL to allow traffic from TCP connections that were established from the internal network and block packets from an external network.
– Chapter 5 – Secure LAN Switching

– Chapter 5 – Secure LAN Switching
LAN Switching and Wireless – Chapter 2

LAN Switching and Wireless – Chapter 2
Network Security1 – Chapter 5 – Secure LAN Switching Layer 2 security –Port security –IP permit lists –Protocol filtering –Controlling LAN floods (using.

Network Security1 – Chapter 5 – Secure LAN Switching Layer 2 security –Port security –IP permit lists –Protocol filtering –Controlling LAN floods (using.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Configure a Switch LAN Switching and Wireless – Chapter 2.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Configure a Switch LAN Switching and Wireless – Chapter 2.
Saeed Darvish Pazoki – MCSE, CCNA Abstracted From: Cisco Press – ICND 1 – Chapter 9 Ethernet Switch Configuration 1.

Saeed Darvish Pazoki – MCSE, CCNA Abstracted From: Cisco Press – ICND 1 – Chapter 9 Ethernet Switch Configuration 1.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 LAN Switching and Wireless Basic Switch Concepts and Configuration Chapter.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 LAN Switching and Wireless Basic Switch Concepts and Configuration Chapter.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 1 Basic Switch Concept Prepared by: Akhyari Nasir Resources form Internet.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 1 Basic Switch Concept Prepared by: Akhyari Nasir Resources form Internet.
Enabling Port Security

Enabling Port Security

Similar presentations

Ads by Google