Unlock the full potential of your projects.
Show full map
Copy and edit map Copy

Network security and monitoring

Other
Arely Solis
Get Started. It's Free
or sign up with your email address
Similar Mind Maps Mind Map Outline
Network security and monitoring by Mind Map: Network security and monitoring

1. LAN SECURITY

1.1. LAN SECURITY ATACKS

1.1.1. CDP Reconnaissance

1.1.2. TELNET

1.1.3. MAC Address Table Flooding

1.1.4. VLAN

1.1.5. DHCP

1.2. LAN SECURITY BEST PRACTICES

1.2.1. Mitigate MAC Address Flooding Table Attacks

1.2.2. Mitigate VLAN Attacks

1.2.3. Mitigate DHCP Attacks

1.2.4. Secure Administrative Access using AAA

1.2.5. Secure Device Access using 802.1X

2. SNMP

2.1. SNMP OPERATION

2.1.1. SNMP Operation

2.1.1.1. get-request

2.1.1.2. get-next-request

2.1.1.3. get-bulk-request

2.1.1.4. get response

2.1.1.5. set-request

2.1.2. Community Strings

2.1.2.1. Read-only (ro)

2.1.2.2. Read-write (rw)

2.2. CONFIGURATION SNMP

2.2.1. Steps for Configuring SNMP

2.2.1.1. Step 1. (Required) Configure the community string and access level (read-only or read-write) with the snmp-server. Step 2. (Optional) Document the location of the device using the snmp-server Step 3. (Optional) Document the system contact using the snmp-server contact text command. Step 4. (Optional) Restrict SNMP access to NMS hosts (SNMP managers) that are permitted by an ACL: define the ACL and then reference the ACL with the snmp-server community string access-list-number-or-name command. Step 5. (Optional) Specify the recipient of the SNMP trap operations with the snmp-server hosthost-id Step 6. (Optional) Enable traps on an SNMP agent with the snmp-server enable traps notification-types command.

2.2.2. Steps for Configuring SNMPv3

2.2.2.1. Step 1. Configure a standard ACL that will permit access for authorized SNMP managers. Step 2. Configure an SNMP view with the snmp-server view global configuration command to identify which MIB Object Identifiers (OIDs) the SNMP manager will be able to read. Step 3. Configure SNMP group features with the snmp-server group global configuration command. This command has the following parameters (refer to the figure for the syntax): Step 4. Configure SNMP group user features with the snmp-server user global configuration command.

3. CISCO SWITCH PORT ANALYZER

3.1. SPAN OVERVIEW

3.1.1. Port Mirroring

3.1.1.1. A packet analyzer (also known as a sniffer, packet sniffer, or traffic sniffer) is a valuable tool to help monitor and troubleshoot a network.

3.1.2. Analyzing Suspicious Traffic

3.1.2.1. Packet analyzers – Using software such as Wireshark to capture and analyze traffic for troubleshooting purposes. Intrusion Prevention Systems (IPSs) –IPSs are focused on the security aspect of traffic and are implemented to detect network attacks as they happen, issuing alerts or even blocking the malicious packets as the attack takes place.

3.1.3. local SPAN and remote SPAN

3.2. SPAN CONFIGURATION

3.2.1. Configuring Local SPAN

3.2.1.1. #monitor session number source [interfce interface | vlan vlan]

3.2.1.2. #monitor session number destination [interfce interface | vlan vlan]

3.3. SPAN AS A TROUBLESHOOTING TOOL

3.3.1. Troubleshooting with SPAN Overview

3.3.1.1. SPAN allows administrators to troubleshoot network issues. For example, a network application may be taking too long to execute tasks. To investigate, a network administrator may use SPAN to duplicate and redirect traffic to a packet analyzer such as Wireshark. The administrator can then analyze the traffic from all devices to troubleshoot sub-optimal operation of the network application.