11.0 Introduction
11.1 Network Design
11.2 Network Security
11.3 Basic Network Performance
11.4 Summary
Cisco Public
access.
Traffic type and patterns should also be considered when designing
a network.
A good network design categorizes
Network Applications
Used to communicate over the network.
Email clients and web browsers are examples of this type of application.
Basic components:
Infrastructure
VoIP
IP Telephony
Real-time Applications
resource allocations.
Viruses
Worms
Trojan Horses
Password Attack
Attacks against known vulnerabilities
and services.
The goal is to gain access to information
four types:
Password Attacks
Trust Exploitation
Port Redirection
Man-in-the-Middle
updates.
SYN Flood
Ping of Death
DDoS
Smurf Attack
applied.
A central patch server can be a
a host are automatically downloaded from the patch server and installed
without user intervention.
(authenticate), what they can do while they are there (authorize), and
what actions they perform while accessing the resource (accounting).
The AAA framework can be very
network include:
o Packet filtering
o Application filtering
o URL filtering
o Stateful packet inspection (SPI)
tablets.
Securing endpoint devices is challenging.
Employees need to be trained on proper use of the network.
Policies often include the use of antivirus software and host intrusion
prevention.
More comprehensive endpoint
in the configuration.
The security passwords min-length command ensures all configured
brute-force attacks.
login block-for 120 attempts 3
File Systems
Flash
connectivity.
The ping command can help to identify the source of the problem.
A ping issued from the IOS will yield one of several indications for each
ICMP echo request that was sent. The most common indicators are:
o ! - Indicates receipt of an ICMP echo reply message.
o . - Indicates time expired while waiting for an ICMP echo reply message.
o U - Indicates that an ICMP unreachable message was received.
The "." (period) may indicate that a connectivity problem occurred somewhere
along the path. A number of reasons can result in this indicator:
o A router along the path did not have a route to the destination.
o The ping was blocked by device security.
o The ping timed out before another protocol's response was received (ARP, for instance).
a destination IP address.
A series of prompts is then presented.
Pressing Enter accepts the
The output derived from network commands can contribute data to the network
baseline.
show running-config
show interfaces
show arp
show ip route
show protocols
show version
ipconfig
to display IP information on a
Windows-based computer.
The ipconfig command displays the
ipconfig /all
ipconfig /displaydns
The arp -a command lists all devices currently in the ARP cache of the
host.
It also includes the IPv4 address,
neighboring device.
CDP will reveal the neighbor's IP address regardless of whether you
run.
To disable CDP on an interface, use the interface command no cdp
enable.
Thank you.