© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicBSCI Module 6 1

Basic Switch Concept

Prepared by: Akhyari Nasir

Resources form Internet

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 2

Objectives Summarize the operation of Ethernet as defined for

100/1000 Mbps LANs in the IEEE 802.3 standard.

Explain the functions that enable a switch to forward Ethernet frames in a LAN.

Configure a switch for operation in a network designed to support voice, video, and data transmissions.

Configure basic security on a switch that will operate in a network designed to support voice, video, and data transmissions.

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 3

Summarize the operation of Ethernet as defined for 100/1000 Mbps LANs in the IEEE 802.3 standard

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 4

Summarize the operation of Ethernet as defined for 100/1000 Mbps LANs in the IEEE 802.3 standard

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 5

Summarize the operation of Ethernet as defined for 100/1000 Mbps LANs in the IEEE 802.3 standard

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 6

Explain the Functions that Enable a Switch to Forward Ethernet Frames in a LAN

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 7

Explain the Functions that Enable a Switch to Forward Ethernet Frames in a LAN

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 8

Explain the Functions that Enable a Switch to Forward Ethernet Frames in a LAN

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 9

Explain the Functions that Enable a Switch to Forward Ethernet Frames in a LAN

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 10

Configure a Switch for Operation in a Network

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 11

Configure a Switch for Operation in a Network Cisco IOS help facilities

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 12

Configure a Switch for Operation in a Network Cisco IOS commands used to access the command

history

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 13

Configure a Switch for Operation in a Network the boot sequence of a Cisco switch

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 14

Configure a Switch for Operation in a Network prepare the switch to be configured

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 15

Configure a Switch for Operation in a Network perform a basic switch configuration

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 16

Configure a Switch for Operation in a Network verify the Cisco IOS configuration using the Show

command

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 17

Configure a Switch for Operation in a Network manage the Cisco IOS configuration files

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 18

Configure Basic Security on a Switch Cisco IOS commands used to configure password

options

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 19

Describe the Cisco IOS commands used to configure a login banner

Configure Basic Security on a Switch

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 20

Describe the how to configure Telnet and SSH on a switch

Configure Basic Security on a Switch

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 21

MAC address flooding, spoofing attacks, CDP attacks, and Telnet attacks

Configure Basic Security on a Switch

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 22

Spoofing

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 23

More on CDP

By default, most Cisco routers and switches have CDP enabled. CDP information is sent in periodic broadcasts that are updated locally in each device's CDP database. Because CDP is a Layer 2 protocol, it is not propagated by routers.

CDP contains information about the device, such as the IP address, software version, platform, capabilities, and the native VLAN. When this information is available to an attacker, they can use it to find exploits to attack your network, typically in the form of a Denial of Service (DoS) attack.

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 24

Telnet

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 25

network security tools are used to improve network security

Configure Basic Security on a Switch

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 26

secure ports on a switch

Configure Basic Security on a Switch

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 27

Describe the Cisco IOS commands used to disable unused ports

Configure Basic Security on a Switch

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 28

Summary LAN Design

Process that explains how a LAN is to be implemented

Factors to consider in LAN design include

Collision domains

Broadcast domains

Network latency

LAN segmentation

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 29

Summary

Switch forwarding methods

Store & forward – used by Cisco Catalyst switches

Cut through – 2 types

Cut through

Fast forwarding

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 30

Summary

Symmetric switching

Switching is conducted between ports that have the same bandwidth

Asymmetric switching

Switching is conducted between ports that have unlike bandwidth

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 31

Summary

CISCO IOS CLI includes the following features

Built in help

Command history/options

Switch security

Password protection

Use of SSH for remote access

Port security

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 32