© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public
BSCI Module 6
Basic Switch Concept
Prepared by: Akhyari Nasir
Resources from Internet
Objectives
Summarize the operation of Ethernet as defined for 100/1000 Mbps LANs in the IEEE 802.3 standard.
Explain the functions that enable a switch to forward Ethernet frames in a LAN.
Configure a switch for operation in a network designed to support voice, video, and data transmissions.
Configure basic security on a switch that will operate in a network designed to support voice, video, and data transmissions.
Summarize the operation of Ethernet as defined for 100/1000 Mbps LANs in the IEEE 802.3 standard
Explain the Functions that Enable a Switch to Forward Ethernet Frames in a LAN
Configure a Switch for Operation in a Network
Configure a Switch for Operation in a Network: Cisco IOS help facilities
Configure a Switch for Operation in a Network: Cisco IOS commands used to access the command history
Configure a Switch for Operation in a Network: the boot sequence of a Cisco switch
Configure a Switch for Operation in a Network: prepare the switch to be configured
Configure a Switch for Operation in a Network: perform a basic switch configuration
Configure a Switch for Operation in a Network: verify the Cisco IOS configuration using the show command
Configure a Switch for Operation in a Network: manage the Cisco IOS configuration files
Configure Basic Security on a Switch: Cisco IOS commands used to configure password options
Configure Basic Security on a Switch: Describe the Cisco IOS commands used to configure a login banner
Configure Basic Security on a Switch: Describe how to configure Telnet and SSH on a switch
Configure Basic Security on a Switch: MAC address flooding, spoofing attacks, CDP attacks, and Telnet attacks
Spoofing
More on CDP
By default, most Cisco routers and switches have CDP enabled. CDP information is sent in periodic broadcasts that are updated locally in each device's CDP database. Because CDP is a Layer 2 protocol, it is not propagated by routers.
CDP contains information about the device, such as the IP address, software version, platform, capabilities, and the native VLAN. When this information is available to an attacker, they can use it to find exploits to attack your network, typically in the form of a Denial of Service (DoS) attack.
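An added example, not part of the original slides: a small Python check that reads a switch running-config and lists the ports still advertising CDP. The sample config and the function name are constructed for illustration; it assumes standard IOS syntax (`no cdp run` globally, `no cdp enable` per interface) and only looks at Ethernet-type interfaces.

```python
import re

# Constructed sample running-config for illustration (not from the slides).
SAMPLE_CONFIG = """\
hostname S1
!
interface FastEthernet0/1
 switchport mode trunk
!
interface FastEthernet0/2
 switchport mode access
!
interface FastEthernet0/3
 switchport mode access
 no cdp enable
!
interface FastEthernet0/4
 shutdown
!
line vty 0 15
 login
"""

def cdp_exposed_interfaces(config):
    """List Ethernet interfaces that still send CDP advertisements.
    CDP is on by default, so a port counts as exposed unless the config has
    the global `no cdp run`, the port has `no cdp enable`, or it is shut down.
    """
    lines = config.splitlines()
    if any(line.rstrip() == "no cdp run" for line in lines):
        return []  # CDP disabled globally
    exposed, current, body = [], None, []

    def flush():
        # Record the interface just parsed if nothing silences CDP on it.
        if current and not {"no cdp enable", "shutdown"} & set(body):
            exposed.append(current)

    for line in lines:
        match = re.match(r"interface\s+(\S*Ethernet\S+)", line)
        if match:
            flush()
            current, body = match.group(1), []
        elif line.startswith(" ") and current:
            body.append(line.strip())  # sub-command of the current interface
        else:
            flush()
            current, body = None, []
    flush()
    return exposed
```

On the sample, the trunk uplink and the first access port are reported; access ports facing end users are the usual candidates for `no cdp enable`.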
Telnet
Configure Basic Security on a Switch: network security tools are used to improve network security
Configure Basic Security on a Switch: secure ports on a switch
Configure Basic Security on a Switch: Describe the Cisco IOS commands used to disable unused ports
Summary
LAN Design
Process that explains how a LAN is to be implemented
Factors to consider in LAN design include
Collision domains
Broadcast domains
Network latency
LAN segmentation
Summary
Switch forwarding methods
Store & forward – used by Cisco Catalyst switches
Cut through – 2 types
Cut through
Fast forwarding
Summary
Symmetric switching
Switching is conducted between ports that have the same bandwidth
Asymmetric switching
Switching is conducted between ports that have unlike bandwidth
Summary
Cisco IOS CLI includes the following features
Built in help
Command history/options
Switch security
Password protection
Use of SSH for remote access
Port security