tailieunhanh - Lecture CCNP Switch: Implementing IP switching - Chapter 6: Securing the campus infrastructure
Security is a primary concern in maintaining a secure, stable, and uninterrupted network. Network security goes far beyond the information in this chapter and includes topics such as intrusion detection, firewalls, virus protection, and operating system patching,. | Chapter 6: Securing the Campus Infrastructure CCNP SWITCH: Implementing IP Switching 1 Cisco Networking Academy Program CCNP SWITCH: Implementing IP Switching Chapter 6: Securing the Campus Infrastructure Chapter 6 Objectives Identify attacks and threats to switches and methods to mitigate attacks. Configure switches to guard against MAC-based attacks. Configure tight control of trunk links to mitigate VLAN hopping attacks. Configure switches to guard against DHCP, MAC, and address resolution protocol (ARP) threats. Secure Layer 2 devices and protocols. Develop and implement organizational security policies. Describe tools used to monitor and analyze network traffic. 2 Chapter 6 Objectives Securing the campus infrastructure is as important as designing a highly available network. If security is compromised, serious impact to business can occur. This chapter defines the potential vulnerabilities related to VLANs that can occur within a network. After the vulnerabilities are . | Chapter 6: Securing the Campus Infrastructure CCNP SWITCH: Implementing IP Switching 1 Cisco Networking Academy Program CCNP SWITCH: Implementing IP Switching Chapter 6: Securing the Campus Infrastructure Chapter 6 Objectives Identify attacks and threats to switches and methods to mitigate attacks. Configure switches to guard against MAC-based attacks. Configure tight control of trunk links to mitigate VLAN hopping attacks. Configure switches to guard against DHCP, MAC, and address resolution protocol (ARP) threats. Secure Layer 2 devices and protocols. Develop and implement organizational security policies. Describe tools used to monitor and analyze network traffic. 2 Chapter 6 Objectives Securing the campus infrastructure is as important as designing a highly available network. If security is compromised, serious impact to business can occur. This chapter defines the potential vulnerabilities related to VLANs that can occur within a network. After the vulnerabilities are identified, solutions for each vulnerability are discussed, and configuration commands are defined. This chapter also discusses port security for denial of MAC spoofing and MAC flooding, and using private VLANs (PVLAN) and VLAN access control lists (VACL) to control VLAN traffic. VLAN hopping, Dynamic Host Control Protocol (DHCP) spoofing, Address Resolution Protocol (ARP) spoofing, and Spanning Tree Protocol (STP) attacks are also explained. This chapter also discusses potential problems, resulting solutions, and the method to secure the switch access with use of vty access control lists (ACL), and implementing Secure Shell Protocol (SSH) for secure Telnet access. This chapter concludes with a description of tools used to monitor, analyze, and troubleshoot switch performance, connectivity, and security issues. 3 Overview of Switch Security Most attention surrounds security attacks from outside the walls of an organization. Inside the network is left largely unconsidered in most security .
đang nạp các trang xem trước
