SlideShare a Scribd company logo

CCNA (R & S) Module 02 - Connecting Networks - Chapter 5

Download as PPTX, PDF
Waqas Ahmed Nawaz, profile picture
Waqas Ahmed Nawaz

The document discusses network security and monitoring, focusing on LAN security, SNMP, and the Cisco Switch Port Analyzer (SPAN). It outlines common LAN attacks, mitigation techniques, and best practices for securing Layer 2 networks, as well as SNMP functionality and configuration. Additionally, it highlights how SPAN can be used as a troubleshooting tool to analyze network traffic.

Technology
1 of 22
Downloaded 16 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 1 Chapter 5: Network Security and Monitoring Connecting Networks
Presentation_ID 2© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Chapter 5 - Sections & Objectives  5.1 LAN Security • Explain how to mitigate common LAN security.  5.2 SNMP • Configure SNMP to monitor network operations in a small to medium- sized business network.  5.3 Cisco Switch Port Analyzer (SPAN) • Troubleshoot a network problem using SPAN.
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 3 5.1 LAN Security
Presentation_ID 4© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential LAN Security LAN Security Attacks  Common attacks against the Layer 2 LAN infrastructure include: • CDP Reconnaissance Attacks • Telnet Attacks • MAC Address Table Flooding Attacks • VLAN Attacks • DHCP Attacks
Presentation_ID 5© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential  This topic covers several Layer 2 security solutions: • Mitigating MAC address table flooding attacks using port security • Mitigating VLAN attacks • Mitigating DHCP attacks using DHCP snooping • Securing administrative access using AAA • Securing device access using 802.1X port authentication LAN Security LAN Security Best Practices
Presentation_ID 6© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential  There are several strategies to help secure Layer 2 of a network: • Always use secure variants of these protocols such as SSH, SCP, SSL, SNMPv3, and SFTP. • Always use strong passwords and change them often. • Enable CDP on select ports only. • Secure Telnet access. • Use a dedicated management VLAN where nothing but management traffic resides. • Use ACLs to filter unwanted access. LAN Security LAN Security Best Practices
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 7 5.2 SNMP
Presentation_ID 8© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential SNMP SNMP Operation  SNMP allows administrators to manage and monitor devices on an IP network.  SNMP Elements • SNMP Manager • SNMP Agent • MIB  SNMP Operation • Trap • Get • Set
Presentation_ID 9© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential SNMP SNMP Operation  SNMP Security Model and Levels
Presentation_ID 10© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential SNMP Configuring SNMP  Configuration steps • Configure community string • Document location of device • Document system contact • Restrict SNMP Access • Specify recipient of SNMP Traps • Enable traps on SNMP agent
Presentation_ID 11© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential SNMP Configuring SNMP  Securing SNMPv3
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 12 5.3 Cisco Switch Port Analyzer (SPAN)
Presentation_ID 13© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Cisco Switch Port Analyzer SPAN Overview  Port mirroring • The port mirroring feature allows a switch to copy and send Ethernet frames from specific ports to the destination port connected to a packet analyzer. The original frame is still forwarded in the usual manner.
Presentation_ID 14© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Cisco Switch Port Analyzer SPAN Overview  SPAN terminology
Presentation_ID 15© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Cisco Switch Port Analyzer SPAN Overview  RSPAN terminology
Presentation_ID 16© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Cisco Switch Port Analyzer SPAN Configuration  Use monitor session global configuration command
Presentation_ID 17© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Cisco Switch Port Analyzer SPAN as a Troubleshooting Tool  SPAN allows administrators to troubleshoot network issues  Administrator can use SPAN to duplicate and redirect traffic to a packet analyzer  Administrator can analyze traffic from all devices to troubleshoot sub-optimal operation of network applications
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 18 5.4 Chapter Summary
Presentation_ID 19© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Chapter Summary Summary  At Layer 2, a number of vulnerabilities exist that require specialized mitigation techniques: • MAC address table flooding attacks are addressed with port security. • VLAN attacks are controlled by disabling DTP and following basic guidelines for configuring trunk ports. • DHCP attacks are addressed with DHCP snooping.  The SNMP protocol has three elements: the Manager, the Agent, and the MIB. The SNMP manager resides on the NMS, while the Agent and the MIB are on the client devices. • The SNMP Manager can poll the client devices for information, or it can use a TRAP message that tells a client to report immediately if the client reaches a particular threshold. SNMP can also be used to change the configuration of a device.
Presentation_ID 20© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Summary Continued  SNMPv3 is the recommended version because it provides security.  SNMP is a comprehensive and powerful remote management tool. Nearly every item available in a show command is available through SNMP.  Switched Port Analyzer (SPAN) is used to mirror the traffic going to and/or coming from the host. It is commonly implemented to support traffic analyzers or IPS devices.
Presentation_ID 21© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential
Presentation_ID 22© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential

More Related Content

PPTX
CCNA Course Training Presentation
Rohit Singh
 
PPTX
CCNA 1 Routing and Switching v5.0 Chapter 4
Nil Menon
 
PPTX
WPA-3: SEA and Dragonfly
Napier University
 
PPT
Spanning Tree Protocol
Manoj Gharate
 
PPTX
CCNA 2 Routing and Switching v5.0 Chapter 4
Nil Menon
 
PPTX
Subnetting
swascher
 
PPTX
CCNA v6.0 ITN - Chapter 08
Irsandi Hasan
 
PPT
IP Addressing
Kishore Kumar
 
CCNA Course Training Presentation
Rohit Singh
 
CCNA 1 Routing and Switching v5.0 Chapter 4
Nil Menon
 
WPA-3: SEA and Dragonfly
Napier University
 
Spanning Tree Protocol
Manoj Gharate
 
CCNA 2 Routing and Switching v5.0 Chapter 4
Nil Menon
 
Subnetting
swascher
 
CCNA v6.0 ITN - Chapter 08
Irsandi Hasan
 
IP Addressing
Kishore Kumar
 

What's hot (20)

PPTX
Network Devices
Kirti Verma
 
PPT
Cisco Packet Tracer Overview
Ali Usman
 
PPTX
Ip addressing
Tanvir Amin
 
PPTX
Wired equivalent privacy (wep)
akruthi k
 
PPTX
Network protocol
PriyangaRajaram
 
PPTX
CCNA 2 Routing and Switching v5.0 Chapter 9
Nil Menon
 
PPTX
Wifi Security
Shital Kat
 
PPTX
Basic of IPv6
Jubin Aghara
 
PDF
BGP on RouterOS7 - Part 2
GLC Networks
 
PPSX
Subnetting
selvakumar_b1985
 
PPT
IP Addressing and subnetting
Ali Nezhad
 
PPTX
wireless communication security PPT, presentation
Nitesh Dubey
 
PDF
Troubleshooting Firewalls (2012 San Diego)
Cisco Security
 
PPTX
Basics of IP Addressing
Kushal Sheth
 
PPT
Ip Addressing
vssnsarma
 
PPTX
Tipos de socket
conrado perea
 
PPTX
Ip and icmp
Programmer
 
PPSX
بحث علمي عن الهاكرز . Hackers
Abdullah AlQarni
 
PPTX
Virtual Routing and Forwarding, (VRF-lite)
NetProtocol Xpert
 
PDF
10 palo alto nat policy concepts
Mostafa El Lathy
 
Network Devices
Kirti Verma
 
Cisco Packet Tracer Overview
Ali Usman
 
Ip addressing
Tanvir Amin
 
Wired equivalent privacy (wep)
akruthi k
 
Network protocol
PriyangaRajaram
 
CCNA 2 Routing and Switching v5.0 Chapter 9
Nil Menon
 
Wifi Security
Shital Kat
 
Basic of IPv6
Jubin Aghara
 
BGP on RouterOS7 - Part 2
GLC Networks
 
Subnetting
selvakumar_b1985
 
IP Addressing and subnetting
Ali Nezhad
 
wireless communication security PPT, presentation
Nitesh Dubey
 
Troubleshooting Firewalls (2012 San Diego)
Cisco Security
 
Basics of IP Addressing
Kushal Sheth
 
Ip Addressing
vssnsarma
 
Tipos de socket
conrado perea
 
Ip and icmp
Programmer
 
بحث علمي عن الهاكرز . Hackers
Abdullah AlQarni
 
Virtual Routing and Forwarding, (VRF-lite)
NetProtocol Xpert
 
10 palo alto nat policy concepts
Mostafa El Lathy
 
Ad

Similar to CCNA (R & S) Module 02 - Connecting Networks - Chapter 5 (20)

PPTX
CCNA4 Verson6 Chapter5
Chaing Ravuth
 
PDF
CCNAv5 - S4: Chapter8 monitoring the network
Vuz Dở Hơi
 
PDF
L2 Attacks.pdf
vinaykumar947680
 
PDF
Implementing Cisco Network Security Exam (210-260)
Jhoni Guerrero
 
PPT
Cisco L3 security and CCIE training .ppt
AniruddhSharma65
 
PDF
ITN6_Instructor_Materials_Chapter11.pdf
ThangDang53
 
PPTX
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11
Waqas Ahmed Nawaz
 
PDF
The Network as a Sensor, Cisco and Lancope
Cisco Enterprise Networks
 
PPTX
Network Security v1.0 Current State of Affairs - Module 1.pptx
roanmhammed
 
PPTX
Cisco Network Security Training slides.pptx
522pqhfn6b
 
PPTX
Network Security v1.0 Network Security v
SYYULIANISKOMMT
 
PDF
CCNP Security-Secure
mohannadalhanahnah
 
PDF
CCNA4v5 Chapter 8 - Monitoring the Netwok
Ahmed Gad
 
PPTX
Encor chapter 1_packet forwarding
merhatsidikmelke
 
PPTX
Layer Two ( 2 ) Security of Cisco switch
ssuserb1479b
 
PPTX
Network Security.pptx
John572978
 
PPTX
ENCOR_Capitulo 1.pptx
ManuelRojas960410
 
PPTX
CCNA 2 Routing and Switching v5.0 Chapter 2
Nil Menon
 
PPTX
Ccna v5-S1-Chapter 11
Hamza Malik
 
PPT
Cisco Security Training on ASA and FMC.ppt.ppt
AniruddhSharma65
 
CCNA4 Verson6 Chapter5
Chaing Ravuth
 
CCNAv5 - S4: Chapter8 monitoring the network
Vuz Dở Hơi
 
L2 Attacks.pdf
vinaykumar947680
 
Implementing Cisco Network Security Exam (210-260)
Jhoni Guerrero
 
Cisco L3 security and CCIE training .ppt
AniruddhSharma65
 
ITN6_Instructor_Materials_Chapter11.pdf
ThangDang53
 
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11
Waqas Ahmed Nawaz
 
The Network as a Sensor, Cisco and Lancope
Cisco Enterprise Networks
 
Network Security v1.0 Current State of Affairs - Module 1.pptx
roanmhammed
 
Cisco Network Security Training slides.pptx
522pqhfn6b
 
Network Security v1.0 Network Security v
SYYULIANISKOMMT
 
CCNP Security-Secure
mohannadalhanahnah
 
CCNA4v5 Chapter 8 - Monitoring the Netwok
Ahmed Gad
 
Encor chapter 1_packet forwarding
merhatsidikmelke
 
Layer Two ( 2 ) Security of Cisco switch
ssuserb1479b
 
Network Security.pptx
John572978
 
ENCOR_Capitulo 1.pptx
ManuelRojas960410
 
CCNA 2 Routing and Switching v5.0 Chapter 2
Nil Menon
 
Ccna v5-S1-Chapter 11
Hamza Malik
 
Cisco Security Training on ASA and FMC.ppt.ppt
AniruddhSharma65
 
Ad

More from Waqas Ahmed Nawaz (20)

PPTX
CCNA (R & S) Module 04 - Scaling Networks - Chapter 9
Waqas Ahmed Nawaz
 
PPTX
CCNA (R & S) Module 04 - Scaling Networks - Chapter 8
Waqas Ahmed Nawaz
 
PPTX
CCNA (R & S) Module 04 - Scaling Networks - Chapter 7
Waqas Ahmed Nawaz
 
PPTX
CCNA (R & S) Module 04 - Scaling Networks - Chapter 6
Waqas Ahmed Nawaz
 
PPTX
CCNA (R & S) Module 04 - Scaling Networks - Chapter 5
Waqas Ahmed Nawaz
 
PPTX
CCNA (R & S) Module 04 - Scaling Networks - Chapter 4
Waqas Ahmed Nawaz
 
PPTX
CCNA (R & S) Module 04 - Scaling Networks - Chapter 3
Waqas Ahmed Nawaz
 
PPTX
CCNA (R & S) Module 04 - Scaling Networks - Chapter 2
Waqas Ahmed Nawaz
 
PPTX
CCNA (R & S) Module 04 - Scaling Networks - Chapter 1
Waqas Ahmed Nawaz
 
PPTX
CCNA (R & S) Module 04 - Scaling Networks - Chapter 10
Waqas Ahmed Nawaz
 
PPTX
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 10
Waqas Ahmed Nawaz
 
PPTX
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9
Waqas Ahmed Nawaz
 
PPTX
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 8
Waqas Ahmed Nawaz
 
PPTX
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 7
Waqas Ahmed Nawaz
 
PPTX
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 6
Waqas Ahmed Nawaz
 
PPTX
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 5
Waqas Ahmed Nawaz
 
PPTX
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 4
Waqas Ahmed Nawaz
 
PPTX
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 3
Waqas Ahmed Nawaz
 
PPTX
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 2
Waqas Ahmed Nawaz
 
PPTX
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 1
Waqas Ahmed Nawaz
 
CCNA (R & S) Module 04 - Scaling Networks - Chapter 9
Waqas Ahmed Nawaz
 
CCNA (R & S) Module 04 - Scaling Networks - Chapter 8
Waqas Ahmed Nawaz
 
CCNA (R & S) Module 04 - Scaling Networks - Chapter 7
Waqas Ahmed Nawaz
 
CCNA (R & S) Module 04 - Scaling Networks - Chapter 6
Waqas Ahmed Nawaz
 
CCNA (R & S) Module 04 - Scaling Networks - Chapter 5
Waqas Ahmed Nawaz
 
CCNA (R & S) Module 04 - Scaling Networks - Chapter 4
Waqas Ahmed Nawaz
 
CCNA (R & S) Module 04 - Scaling Networks - Chapter 3
Waqas Ahmed Nawaz
 
CCNA (R & S) Module 04 - Scaling Networks - Chapter 2
Waqas Ahmed Nawaz
 
CCNA (R & S) Module 04 - Scaling Networks - Chapter 1
Waqas Ahmed Nawaz
 
CCNA (R & S) Module 04 - Scaling Networks - Chapter 10
Waqas Ahmed Nawaz
 
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 10
Waqas Ahmed Nawaz
 
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9
Waqas Ahmed Nawaz
 
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 8
Waqas Ahmed Nawaz
 
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 7
Waqas Ahmed Nawaz
 
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 6
Waqas Ahmed Nawaz
 
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 5
Waqas Ahmed Nawaz
 
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 4
Waqas Ahmed Nawaz
 
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 3
Waqas Ahmed Nawaz
 
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 2
Waqas Ahmed Nawaz
 
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 1
Waqas Ahmed Nawaz
 

Recently uploaded (20)

PDF
Encapsulation theory and applications.pdf
gurumoop
 
PDF
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
PPTX
MYSQL Presentation for SQL database connectivity
Swati270511
 
PDF
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
PPTX
Spectroscopy.pptx food analysis technology
nawahassan45
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
PPTX
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
PPTX
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
PDF
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
PDF
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
PPTX
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PPTX
ACSFv1EN-58255 AWS Academy Cloud Security Foundations.pptx
23bcla24
 
Encapsulation theory and applications.pdf
gurumoop
 
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
MYSQL Presentation for SQL database connectivity
Swati270511
 
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
Spectroscopy.pptx food analysis technology
nawahassan45
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
Approach and Philosophy of On baking technology
30anthuong17
 
ACSFv1EN-58255 AWS Academy Cloud Security Foundations.pptx
23bcla24
 

CCNA (R & S) Module 02 - Connecting Networks - Chapter 5

  • 1. © 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 1 Chapter 5: Network Security and Monitoring Connecting Networks
  • 2. Presentation_ID 2© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Chapter 5 - Sections & Objectives  5.1 LAN Security • Explain how to mitigate common LAN security.  5.2 SNMP • Configure SNMP to monitor network operations in a small to medium- sized business network.  5.3 Cisco Switch Port Analyzer (SPAN) • Troubleshoot a network problem using SPAN.
  • 3. © 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 3 5.1 LAN Security
  • 4. Presentation_ID 4© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential LAN Security LAN Security Attacks  Common attacks against the Layer 2 LAN infrastructure include: • CDP Reconnaissance Attacks • Telnet Attacks • MAC Address Table Flooding Attacks • VLAN Attacks • DHCP Attacks
  • 5. Presentation_ID 5© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential  This topic covers several Layer 2 security solutions: • Mitigating MAC address table flooding attacks using port security • Mitigating VLAN attacks • Mitigating DHCP attacks using DHCP snooping • Securing administrative access using AAA • Securing device access using 802.1X port authentication LAN Security LAN Security Best Practices
  • 6. Presentation_ID 6© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential  There are several strategies to help secure Layer 2 of a network: • Always use secure variants of these protocols such as SSH, SCP, SSL, SNMPv3, and SFTP. • Always use strong passwords and change them often. • Enable CDP on select ports only. • Secure Telnet access. • Use a dedicated management VLAN where nothing but management traffic resides. • Use ACLs to filter unwanted access. LAN Security LAN Security Best Practices
  • 7. © 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 7 5.2 SNMP
  • 8. Presentation_ID 8© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential SNMP SNMP Operation  SNMP allows administrators to manage and monitor devices on an IP network.  SNMP Elements • SNMP Manager • SNMP Agent • MIB  SNMP Operation • Trap • Get • Set
  • 9. Presentation_ID 9© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential SNMP SNMP Operation  SNMP Security Model and Levels
  • 10. Presentation_ID 10© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential SNMP Configuring SNMP  Configuration steps • Configure community string • Document location of device • Document system contact • Restrict SNMP Access • Specify recipient of SNMP Traps • Enable traps on SNMP agent
  • 11. Presentation_ID 11© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential SNMP Configuring SNMP  Securing SNMPv3
  • 12. © 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 12 5.3 Cisco Switch Port Analyzer (SPAN)
  • 13. Presentation_ID 13© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Cisco Switch Port Analyzer SPAN Overview  Port mirroring • The port mirroring feature allows a switch to copy and send Ethernet frames from specific ports to the destination port connected to a packet analyzer. The original frame is still forwarded in the usual manner.
  • 14. Presentation_ID 14© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Cisco Switch Port Analyzer SPAN Overview  SPAN terminology
  • 15. Presentation_ID 15© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Cisco Switch Port Analyzer SPAN Overview  RSPAN terminology
  • 16. Presentation_ID 16© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Cisco Switch Port Analyzer SPAN Configuration  Use monitor session global configuration command
  • 17. Presentation_ID 17© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Cisco Switch Port Analyzer SPAN as a Troubleshooting Tool  SPAN allows administrators to troubleshoot network issues  Administrator can use SPAN to duplicate and redirect traffic to a packet analyzer  Administrator can analyze traffic from all devices to troubleshoot sub-optimal operation of network applications
  • 18. © 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 18 5.4 Chapter Summary
  • 19. Presentation_ID 19© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Chapter Summary Summary  At Layer 2, a number of vulnerabilities exist that require specialized mitigation techniques: • MAC address table flooding attacks are addressed with port security. • VLAN attacks are controlled by disabling DTP and following basic guidelines for configuring trunk ports. • DHCP attacks are addressed with DHCP snooping.  The SNMP protocol has three elements: the Manager, the Agent, and the MIB. The SNMP manager resides on the NMS, while the Agent and the MIB are on the client devices. • The SNMP Manager can poll the client devices for information, or it can use a TRAP message that tells a client to report immediately if the client reaches a particular threshold. SNMP can also be used to change the configuration of a device.
  • 20. Presentation_ID 20© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Summary Continued  SNMPv3 is the recommended version because it provides security.  SNMP is a comprehensive and powerful remote management tool. Nearly every item available in a show command is available through SNMP.  Switched Port Analyzer (SPAN) is used to mirror the traffic going to and/or coming from the host. It is commonly implemented to support traffic analyzers or IPS devices.
  • 21. Presentation_ID 21© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential
  • 22. Presentation_ID 22© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential