 Sections
 Syndication |
|
|
Blogroll:
||||| ALL Cisco-Network ARTICLES |||||
CCIE Journey, The CCIE Journey,
|
|
Author: alperen |
|
|
| Full name |
|
| Username |
alperen
|
| E-mail |
alperenmad@hotmail.com
|
| Short bio |
|
| Website |
|
|
Published articles: |
category: Wi-Fi Security
- Access Control
- The Many Flavors of 802.11
- HomeRF
- Facts
- Enforcing Security
- Cross-Platform Hacking
- Authentication
- FHSS
- SWAP Specification
- Bluetooth Technology
- Link Me Up!
- Eavesdropping
- Encryption
- DSSS
- Integrating Wireless Phone and Data
- Bluetooth Background
- Conclusion: The Future of the WLAN
- Breaking In!
- Safeguards
- OFDM
- Bluetooth
- What Gives Bluetooth Its Bite?
- Wireless LAN Security Factors
- Counterfeiting
- PREFACE
- Intrusion Detection Systems
- Bluetooth
- Wireless Hacking
- Bluetooth Spectrum Hopping
- Enabling Encryption Security
- Wireless DoS Attack
- Wireless Defined
- IEEE
- Differences between the Wireless Standards
- NetStumbler
- Bluetooth Connections
- WEP Encryption
- Points of Vulnerability
- Factors of Security
- WECA
- Conclusion: How Security Applies
- NetStumbler Software Uses
- Data transmission
- Encrypting 802.11b?
- Theft
- Wi-Fi
- Technology Comparisons
- Script Kiddies
- Error correction
- Network Interface Cards
- Conclusion: Keeping Your WLAN Secure
- Issues in Wireless Security
- The State of Wireless LAN Security
- Securing Your WLAN
- Your Best Defense Against an Attack
- Authenticating Data
- Client Authentication in a Closed System
- Passive Attacks
- Ensuring Privacy
- Conclusion
- Shared Key Authentication
- Managing Keys
- WLAN Vulnerabilities
- Subtle Attacks
- Keeping Data Intact
- Common Security Pitfalls
- Location! Location! Location!
- RC4
- Active Attack Patterns
- Ad Hoc Networks
- Roaming in 802.11
- 802.11g
- Extended Service Set
- Speed
- 802.11h
- Wireless Radio Standard
- Standard “Flavors” of 802.11
- 802.11i
- The Standard Algorithm
- 802.11a
- Conclusion: Evolution of the 802.11 Standard
- Address Spaces
- 802.11b
- The 802.11 Standard
- The 802.11 Standard in Security
- 802.11d
- The 802.11 Standard Defined
- Issues to Consider
- Encryption
- 802.11e
- Expanding the Network Standard
- Timing and Power Management
- 802.11f
- Choosing a Flavor of 802.11
- Wireless Vulnerability
- Building a Private Wireless Infrastructure
- Security Design
- Vulnerable Encryption
- Monitoring Activity
- Commercial Security Infrastructure
- Conclusion: Maintaining a Secure Infrastructure
- Building a Private Infrastructure
- 802.11 Security Infrastructure
- Point-to-Point Wireless Application Security
- Items to Compromise
- Deploying Your Wireless Infrastructure
- Determining Requirements
- Point of Interception
- Insecure Keys
- Wireless policy
- Taking a Performance Hit
- Conclusion: Finding Security in an Unsecured World
- Wireless Authentication
- Known WEP Imperfections
- Why WEP?
- Access Control
- Defending Your Systems
- IRL Security
- WEP Mechanics
- Points of Vulnerability
- 802.11 Encryption: Wired Equivalent Privacy
- Wireless Security Encryption
- Keeping track
- Compromising Privacy in Public Places
- Physical Security
- Protecting Your Privacy
- Access methods
- Unauthorized Access and Privacy
- Public or Private?
- Wireless Range
- Passive Attacks
- Privacy in Jeopardy
- Safer Computing
- Conclusion: Common Sense Access Controls
- Broadcast Monitoring
- The “Human” Factor
- Active Attacks
- Defining the Bullet Points in a Security Policy
- The “Evil” Access Point
- Policy guidelines
- Data Privacy
- Training
- Shared-key Authentication
- Securely Identifying Wireless Traffic
- 802.11 Networks on Windows XP
- Secret Keys
- Extensible Authentication Protocol
- Open System Authentication
- The WEP Algorithm
- Conclusion: Open System versus Closed System Authentication
- Static Vulnerabilities
- NIC Security
- Wireless NIC Power Settings
- Managing Keys in an Open System
- Open System to WEP Authentication
- 802.11b Security Algorithms
- Port-based Network Access Control
- Power Requirements
- System Roaming
- Increasing Data Transmission
- Conclusion: Spectrum Safety!
- FHSS Security
- Hop Sequences
- MAC Layers
- FHSS versus DSSS
- Direct Sequence Spread Spectrum
- Frequency Allocation
- Open System Security
- It’s All About…Timing
- 802.11 DSSS
- Technology Issues
- Vendor Trials
- Access Point-centric Configuration
- Conclusion: Next-generation Wireless Equipment
- Mobile Device Configuration
- Building Extensions to Access Points
- Issues in Wi-Fi Deployment
- Directional Broadcasting
- Wireless Equipment Vendors
- Cost Concerns
- WLAN Equipment Considerations
- Wi-Fi Equipment Issues
- Equipment Vendors
- The Costs of Effective Security
- Market Trends
- Wired versus Wireless Security
- Macintosh WLANs
- Lindows OS
- Orinoco Wireless
- Handheld Devices
- Cross-platform Wireless Security Concerns
- Cross-Platform Wireless User Security
- Initialization Vector Collisions
- WLAN Assignment Applications
- Key Reuse
- Cost Concerns
- Evil Packets
- Real-time Decryption
- Windows XP Wireless Connectivity
- 802.11 Security Issues
- Windows XP WEP Authentication
- WLAN NIC Vendors
- Conclusion: All Vendors Must Get Along!
- Windows XP Wireless Functionality
- Proximity Attack
- Security Breach Vulnerabilities
- Intercepting Wireless Network Traffic
- Wireless 802.11b
- WAP Attack!
- Encryption
- Commonsense Measures
- PnP Networked Devices
- Securing Your Network
- Windows Users
- Linux Boxes
- Hacking the Network Printer
- Printer Servers
- Macintosh Computers
- Secure Access Point Management Issues
- Establishing a wireless firewall
- Preventive Measures
- Controlling Access to Access Points
- MAC the Knife
- VPN WLAN
- Patchwork
- Passwords
- Physical Access Point Security
- Enhanced access-control schemes
- BlueSocket
- Public Key Infrastructure
- Virtual private networks for mobile laptop users
- Securing the WLAN
- Vernier Network
- Reducing WEP Vulnerabilities
- Portable Biometrics
- Platform Bias
- Wireless Laptop Network Support
- Conclusion: Evolving Laptop Security
- Enhancing Mobile Security
- Remote Users
- Administrative Security
- wi-fi Passwords
- Host IDS versus Network IDS
- Why Have an IDS?
- Building the Firewall
- The Computer as the Decision Maker
- Real Live People
- Security Vulnerability Assessment
- Intrusion Detection Systems
- Risk Assessment
- Host-based IDS
- Authentication Solutions
- Network-based IDS
- Security Functionality
- Building an Effective Mobile Security Policy
- Seeking Security
- HotSync
- Infrared
- Wireless Connectivity
- Access Control
- Protecting Mobile Resources
- Establishing a Security Policy
- Privacy Concerns
- Why PDAs Require Privacy
- SecurID
- Data Encryption
- Maintaining Access Control
- How Hackers Fit into the Equation
- Security Concerns
- PDAs as Diagnostic Tools
- Intranet Access with Your PDA
- PocketDOS
- Conclusion: Mobile Wireless Computing
- PocketDOS
- PC emulation
- Wireless Service Providers
- Health Insurance Portability
- Graham-Leach-Billey (GLB) Act, 2001
- Pervasive Computing
- Patriot Act, 2001 (USPA)
- The Future of Wi-Fi Security?
- Privacy Regulations
- Fair Credit Reporting Act, 1970, 1996 (FCRA)
- Children’s Online Privacy Protection Act of 1998 (COPPA)
category: CCSP-Cisco Certified Security Professional
- Configuration Weakness
- Understanding Network Security Threats
- Policy Weakness
- Network Device Weaknesses
- Computer and Network Operating Systems
- Technology Weakness
- TCP/IP Wasn’t Designed for Security
- Identify the Causes of Network Security Problems
- Identify the Need for Network Security
- External Threats
- Internal Threats
- Structured Threats
- Unstructured Threats
- The Four Primary Types of Network Threats
- Session Replay and Hijacking
- DDos
- Electronic Reconnaissance
- Data Manipulation Attacks
- Denial of Service (DoS) Attacks
- Reconnaissance Attacks
- IP Spoofing
- Gaining Trusted or Privileged Access
- Public Information
- Techniques to Counteract DoS Attacks
- Gaining Initial Access
- Motivation and Good Sense
- Social Engineering
- Terrorism, Act of War, and Legal Implications
- Password-Based Attacks
- Well-Known DoS Attacks
- Access Attacks
- Repudiation
- DRDoS
- Reconnaissance Tools
- The Four Primary Types of Network Attack
- Keep It Flexible
- Network Operations and Network Security Training
- Security vs. Ease of Use
- Example of a Network Security Policy
- Who Should Help Create the Security Policy?
- Security vs. Services Provided
- Make Time for Training and Signing Off
- A Security Policy Is to Be Shared
- Network Security Policy
- What Belongs in a Network Security Policy
- Acceptable Use Policy (AUP)
- Cisco Security Wheel
- Evaluating a Network Security Policy
- Network Security vs. Network Operations
- SAFE
- Auditing Network Security
- Identifying the Threats
- Security Cost vs. Risk of Loss
- Cisco AVVID and SAFE Strategies
- Monitoring Network Security
- Identifying the Assets
- Why Create a Network Security Policy
- AVVIDS
- Securing the Network
- Assets and Threats
- The Balancing Act
- User Mode Passwords
- Securing the Network 2
- Securing Administrative Access
- Network Security Threats Questions and Answers
- Privilege Mode Passwords
- Securing Network Devices
- Password Encryption
- Physically Secure the Devices
- Improving Network Security
- Message of the Day Banner (MOTD)
- Outside Network
- Network Security Threats Review
- Privilege Levels
- Demilitarized Zone (DMZ)
- Inside Network
- Secure Network Design Example
- Using Access Control Lists to Secure the Network
- RADIUS Network
- UDP vs. TCP
- AAA Benefits
- Cisco AAA Security Technology
- The absolute Command
- TCP’s Established Option
- Show Line VTY Command
- Client/Server Model
- Challenge/Response
- Increased Flexibility
- The Cisco AAA Model
- Reference the Time Range
- Named Access Lists
- Network Security Technology
- Multiprotocol Support
- Increased Security
- NAS Servers
- The time-range Command
- Time-Based Access Lists
- Flexiblity
- Packet Encryption
- Scalability
- Why Authenticate?
- The periodic Command
- Define a Time Range
- Interoperability
- Router Management
- Standard Authentication Methods
- Centralized Authentication
- Limiting Access to HTTP Sessions
- Traffic Filtering
- TACACS+
- Multiple Backup Systems
- Securing the Network Questions and Answers
- Limiting the debug ip packet Analysis and, Therefore, CPU Use
- Placement of Standard ACLs
- STUDY TIP
- TACACS+ and RADIUS Compared
- TACACS+, RADIUS, and Kerberos Support
- The show time-range Command
- Extended Access Lists
- Log Option
- Standard ACLs
- Driver’s License Analogy
- Authentication and Authorization
- Kerberos
- Securing the Network Review
- Restrict Application Traffic
- Limiting Access to Telnet Sessions
- Using Loopback Interfaces on Lab Routers
- Authentication
- Define RADIUS Server Key Option
- Define TACACS+ Server Key Option
- Define the Security Server—RADIUS
- Enable AAA
- Define the Method Lists
- Define the Security Server—TACACS+
- AAA as Facilitator
- Define the Method Lists—Login
- Steps to Configure AAA
- AAA System Components
- Steps to Configure AAA
- Implementing Authorization Method Lists
- Define the Authorization Method Lists
- Steps to Configure AAA
- Authorization
- Implementing Authentication Method Lists
- Cisco AAA Security Technology Questions and Answers
- Cisco AAA Security Technology Review
- Accounting
- Implementing Accounting Method Lists
- Testing AAA Configuration
- The show Commands
- The debug Commands
- Define the Accounting Method Lists
- Steps to Configure AAA 3
- Features and Benefits
- IEEE 802.1x—Access Control for Switched LAN Users
- EAP Message Digest 5 (EAP-MD5) and EAP Transport LAN Services (EAP-TLS)
- Features and Architecture of Cisco Secure ACS for Windows
- CiscoSecure ACS for Windows and UNIX
- Describe Cisco Secure ACS
- Microsoft Challenge Authentication Protocol (MSCHAP) Support
- Cisco Secure ACS and TACACS+/RADIUS Technologies
- Cisco Secure ACS for Windows Internal Architecture
- User-Extensible Vendor-Specific Attributes (VSAs)
- Cisco Secure ACS Benefits
- Multiple LDAP Support
- CSDBSync
- Device Command Sets (DCS)
- CSLog
- Per-User Access Control Lists (ACL)
- CSAdmin
- New NAS Wildcard, Multi-NAS, and Named Access Filters Features
- CSAuth
- System Performance
- CSMon
- CSTacacs and CSRadius
- Features and Benefits 2
- Features of CiscoSecure ACS for UNIX
- Preparing to Install UNIX ACS
- access-list cisco Time-Based ACLs Using Time Ranges
- Apply ACLs access-list cisco
- Commented IP ACL Entries access-list cisco
- Define In-Out-Source-and Destination access-list cisco
- IP-ICMP-TCP-UDP access-list cisco
- access-list cisco Edit ACLs
- Context-Based Admission Control
- Lock and Key (Dynamic ACLs) access-list cisco
- access-list cisco ACL Summarization
- access-list cisco Authentication Proxy
- access-list cisco Troubleshoot
- access-list cisco Masks
- Turbo ACLs access-list cisco
- Types of IP ACLs access-list cisco
- access-list cisco introduction
- Distributed Time-Based ACLs access-list cisco
- Process ACLs access-list cisco
- access-list cisco Prerequisites Requirements
- access-list cisco IP Called ACLs
- Define Ports and Bulletin Types access-list cisco
- Reflexive ACLs access-list cisco
- Cisco Bridging Loops
- Operating System Requirements
- Transparent Bridging Operation
- Hardware Requirements
- Switch Loop
- Transparent Bridging
- Multiple Fixtures On Switch Loop
- Gathering Information Required During Installation
- switch loop cisco network
- NAS Minimum IOS Requirements
- Transparent Bridging Frame Format
- Network Requirements
- Transparent Bridging Review Questions
- Back Up Server Data
- Spanning-Tree Algorithm Transparent Bridging
- Installing Cisco Secure ACS 3-0 for Windows
- Configure Groups
- NAT Gateway
- Navigation Bar
- Configure Network
- Firewall Devices
- Administering and Troubleshooting Cisco Secure ACS for Windows
- Configure External User Database
- Suggested Configuration Sequence
- Configure Shared Profile Components
- Configure Administrators
- Configure System
- Configure the ACS Web Interface
- Logging Off the HTML Interface
- Configuration Area
- Configure Users
- Remote Administrative Session Issues
- Display Area
- Configure Reports
- HTTP Proxy Servers
- Accessing the HTML Interface
- The show Commands
- The debug Commands
- Configure NAS to TACACS+ Server Communication
- Packet Encryption
- Define RADIUS Server Key Option
- Configuring Cisco Secure ACS and TACACS+
- Configure NAS to RADIUS Server Communication
- TACACS+ Overview
- Define TACACS+ Server Key Option
- Verifying TACACS+
- Cisco Secure ACS and TACACS+ and RADIUS Technologies Review
- Cisco Secure ACS and TACACS+ and RADIUS Technologies Questions and Answers
- Perimeter Router Networks
- Securing Cisco Perimeter Routers
- Firewall DMZ Cisco Network
- Demilitarized Zone (DMZ)-Network-Cisco
- Inside Network 2
- Outside Network 2
- Simple Secure Network Design
- Perimeter Router Terms and Concepts
- Configuring Authentication Example
- Eavesdropping
- Verifying MD5 Authentication
- Encryption and Tunneling
- Hub and Switch Issues
- Router Solutions
- Limit Unneeded TCP/IP and Other Services (Finger NTP CDP)
- Denial of Service Attacks
- Dynamic (Lock-and-Key) Access Lists
- Configuring Static NAT
- Debugging IP NAT
- Unauthorized Access-Address Filtering
- Confirming NAT Translations
- Dynamic NAT-Define a Pool of Global IP Addresses to Be Allocated
- Configure Reflexive Access Lists
- Viewing Reflexive Access Lists
- Dynamic NAT-Use a Standard ACL to Define the Local Addresses Eligible for Translation
- Selecting the Interface to Use
- Lack of Legal IP Addresses
- Dynamic NAT-Link the Pool of Global Addresses with the Eligible Local Addresses
- Display Dynamic Access Lists
- NAT Technology and Terminology
- Clearing the NAT Translation Table
- Reflexive Access Lists
- Device Interfaces
- Dynamic NAT with Overloading (PAT)
- Creating a Lock-and-Key System
- Static NAT
- Changing the PAT Default Inactivity Timeout Timers
- Introduction to Cisco IOS Firewall
- CBAC Advantages
- Apply Inspection Rules and ACLs to an Interface
- Router-Based Firewall Functionality
- CBAC Limitations
- Select the Interface
- Rerouting Attacks
- Integration with Cisco IOS Software
- CBAC Process
- Test and Verify
- Event Logging on Perimeter Routers
- VPN, IPSec Encryption, and QoS Support
- Configuring CBAC
- Access List Violation Logs
- Does the IOS Image Support Firewall and IPSec Features?
- Set Audit Trails and Alerts
- Securing Cisco Perimeter Routers Review
- Cisco IOS Firewall Feature Summary
- Set Global Timeouts and Thresholds
- Securing Cisco Perimeter Routers Questions and Answers
- Context-Based Access Control (CBAC)
- Define Port-to-Application Mapping (PAM)
- IOS Firewall Feature Set—CBAC
- Quick Access List Review
- Define Inspection Rules
- Devices Supporting the IOS Firewall IDS Features
- Cisco IDS Attack Signatures
- IOS Firewall Management
- Cisco Secure IDS Director Support
- Performance Implications
- IOS Firewall Feature Set—CBAC Review
- IOS IDS vs. Cisco Secure IDS
- IOS Firewall Feature Set—CBAC Questions and Answers
- When to Choose the Cisco IOS Firewall IDS Features
- IOS Firewall—Intrusion Detection System
- Intrusion Detection System (IDS)
- IOS Firewall Intrusion Detection System
- Initializing the Post Office
- Define Info Audit Actions
- Define the Protected Networks
- The ip audit notify Command
- Define Attack Audit Actions
- The ip audit po local Command
- Create Named Audit Rules
- The ip audit po remote Command
- Using ACLs with Named Audit Rules
- Director vs. Logger Application
- Disabling Individual Signatures
- Multiple Routes to the Same Director
- Using ACLs When Disabling Individual Signatures
- Cisco IOS Firewall IDS Configuration Task List
- Creating and Applying Audit Rules
- Apply the Audit Rule to the Interface(s)
- Initializing the IOS Firewall IDS
- Creating an Audit Rule
- Applying the Audit Name
- IOS Firewall—Authentication Proxy
- Compatibility with Other Features
- Verifying the IDS Configuration
- Cisco IOS Firewall Authentication Proxy
- Security Vulnerability Issues
- The show ip audit statistics Command
- How the Authentication Proxy Works
- Before Configuring Authentication Proxy
- The show ip audit configuration Command
- User Profiles and Dynamic ACL Entries
- Authentication Proxy Configuration Task List
- The show ip audit interface Command
- Idle Timer
- The show ip audit all Command
- Secure Authentication
- IOS Firewall—Intrusion Detection System Review
- Applying the Authentication Proxy
- IOS Firewall—Intrusion Detection System Questions-Answers
- Comparison with the Lock-and-Key Feature
- Define the Security Server-
- Define TACACS+ Server Key Option
- Define the Security Server—RADIUS
- Define AAA Group Server (Optional)
- AAA Server Configuration
- Define Login Authentication Methods List
- AAA Router Configuration
- Enable Authorization Proxy (auth-proxy) for AAA
- Enable AAA network
- Activate Authentication Proxy Accounting
- Define the Security Server
- ACL Entry for Return Traffic from the AAA Server
- Configuring the HTTP Server
- Authentication Proxy Configuration on the Router
- The ip auth-proxy auth-cache-time Command
- The ip auth-proxy auth-proxy-banner Command
- The ip auth-proxy name Command
- The auth-proxy Interface Configuration
- Clearing the auth-proxy Cache Displaying Dynamic ACL Entries
- The debug Commands
- CBAC Configuration
- Verify Authentication Proxy Configuration
- Site to Site
- Layer 2 VPNs
- Layer 3 VPNs
- Other VPN Implementations
- Cisco IOS Firewall Authentication Proxy Questions Answers
- Why Use VPNs?
- Cisco IOS IPSec Introduction
- VPN Analogy
- Cisco IOS Firewall Authentication Proxy Review
- Virtual Private Networks 1
- Remote–Access
- Generic Routing Encapsulation (GRE)
- Tunneling Protocols
- Layer Two Forwarding (L2F) Protocol
- Layer 2 Tunneling Protocol (L2TP)
- Transport and Tunnel Mode
- How IPSec Works
- AH Transport and Tunnel Mode
- IPSec Security Overview
- ESP Transport and Tunnel Mode
- Authentication Header (AH)
- IPSec Transforms and Transform Sets
- Encapsulating Security Payload (ESP)
- Transform Sets
- Choosing Between AH and ESP
- Other IPSec Encryption Standards
- Transport Mode
- Peer Authentication
- Data
- Network Layer network
- Security Association (SA)
- Preshared Key Authentication
- Key
A key is a fixed-length digital
sequence of characters used to scramble the source data
- Application Layer
- IKE SAs versus IPSec SAs
- RSA Signature Authentication
- Government Regulation
- Hashing
- IPSec Security Association (SA)
- RSA Encryption Authentication
- Encryption Algorithm
- Hashed Message Authentication Codes (HMAC)
- Five Steps of IPSec Revisited
- CAs and Digital Certificates
- Cipher Text
- HMAC-MD5-96
- Step 1—Determine Interesting Traffic
- Step 3—IKE Phase Two
- Cryptography Types
- HMAC-SHA-1-96
- Step 2—IKE Phase One
- IPSec Data Transfer-Session Termination
- Cisco IOS Cryptosystem Components
- Encryption Alternatives
- Diffie-Hellman Key Agreement (DH)
- Main Mode
- Aggressive Mode
- How Encryption Works
- Data-Link Layer network
- Defining a DH Group
- Step 1-3 Determine the IPSec (IKE Phase 2) Policies
- Task 3 Configure IPSec
- Step 4-2 Display the Configured Transform Sets
- Cisco IOS IPSec Introduction Questions-Answers
- Step 1-4 Check the Current Configuration
- Step 3-1 Configure Transform Set Suites
- Step 4-3 Display the Current State of the IPSec SAs
- Cisco IOS IPSec for Preshared Keys
- Step 1-5 Ensure the Network Works Without Encryption
- Step 3-2 Configure Global IPSec Security Association Lifetimes
- Step 4-4 Display the Configured Crypto Maps
- Configure IPSec Encryption Tasks
- Step 1-6 Ensure Access Control Lists Are Compatible with IPSec
- Step 3-3 Configure Crypto ACLs
- Crypto System Error Messages for ISAKMP
- Task 1 Prepare for IKE and IPSec
- Task 2 Configure IKE
- Step 3-4 Configure Crypto Maps
- Step 1-1 Identify IPSec Peers
- Step 2-1 Enable or Disable IKE
- Step 3-5 Apply the Crypto Maps to the Interface
- Step 1-2 Determine the IKE (IKE Phase 1) Policies
- Step 2-2 Create IKE Policies
- Task 4 Test and Verify IPSec
- IPSec Support in Cisco Systems Products
- Develop the Parameter Preferences
- Step 2-3 Configure Preshared Keys
- Step 4-1 Display the Configured IKE Policies
- Configuring IPSec Manually Is Not Recommended
- Configuring IPSec Manually
- Cisco IOS IPSec for Preshared Keys Review
- Cisco IOS IPSec Certificate Authority Support
- Enroll a Device with a CA
- The clock timezone Command
- Step 2–9 Monitor and Maintain CA Interoperability (Optional)
- CA Support Overview
- Configure CA Support Tasks
- The clock set Command Setting the Hardware Clock
- Step 2–10 Verify the CA Support Configuration
- Digital Certificates
- Task 1—Prepare for IKE and IPSec
- Configuring Daylight Saving Time
- Task 3—Configure IKE
- Certificate Distribution
- Task 2—Configure CA Support
- Step 2–3 Configure the Router Host Name and Domain Name
- Task 4—Configure IPSec
- IPSec with CAs
- Step 2–1 Manage the NVRAM Memory Usage (Optional)
- Step 2–4 Generate a RSA Key Pair
- Task 5—Test and Verify IPSec
- Cisco IOS CA Standards
- Step 2–2 Set the Router Time and Date
- Step 2–5 Declare a CA
- Simple Certificate Enrollment Protocol (SCEP)
- Network Time Protocol (NTP)
- Step 2–6 Authenticate the CA
- Cisco IOS IPSec for Preshared Keys Questions and Answers
- CA Servers Interoperable with Cisco Routers
- Simple Network Time Protocol (SNTP)
- Step 2–7 Request Your Own Certificate
- RSA Encrypted Nonces Overview
- Task 2—Configure RSA Keys
- Introduction to Cisco Easy VPN
- Cisco Easy VPN Server
- Client Connection Process
- Cisco IOS IPSec Certificate Authority Support Review
- Cisco IOS IPSec Certificate Authority Support Questions Answers
- Cisco IOS Remote Access Using Cisco Easy VPN
- Cisco Easy VPN Remote
- Cisco VPN 3.6 Client
- Easy VPN Server Configuration Tasks
- Preconfiguring the Cisco VPN 3.6 Client
- Features and Benefits network
- Router MC v1.1 Firewall Features
- Router MC v1.1 Enhanced VPN Features
- Router MC Server Requirements
- Router MC Client Requirements
- Router MC User Permissions
- Management Center for VPN Routers
- Supported VPN Servers
- Phase Two Features-Manual Tunnel Control
- NAT Interoperability Support
- Cable DHCP Proxy Enhancement
- Peer Host Name Enhancement
- Proxy DNS Server Support
- Simultaneous Easy VPN Client and Server Support
- Easy VPN Remote Phase Two
- Cisco VPN Firewall Feature for VPN Client
- The Central Policy Protection Feature
- Firewall Rules
- Client-Server Feature
- Client Firewall Statistics
- Cisco IOS Remote Access Using Cisco Easy VPN Review
- Cisco IOS Remote Access Using Cisco Easy VPN Questions Answers
- Client and Network Extension Modes
- Standards Supported
- Cisco VPN 3002 Hardware Client Features
- Cisco VPN 3002 Client Devices
- Cisco Products Enable a Secure VPN
- Cisco VPN 3002 Client Models
- Cisco VPN 3060 Concentrator
- Cisco VPN 3080 Concentrator
- Side-by-Side Model Comparison
- Cisco VPN 3000 Concentrator Devices
- Standards Supported network
- Cisco VPN 3000 Concentrator Models
- Cisco VPN 3000 Concentrator Features
- Cisco VPN 3005 Concentrator
- VPN 3000 Concentrator Client Support
- Cisco VPN 3015 Concentrator
- Cisco VPN 3030 Concentrator
- Cisco VPN Hardware Overview Review
- Cisco VPN Hardware Overview Questions Answers
- VPN Concentrator User Interfaces and Startup
- LAN-to-LAN Networks
- Define Inside Address Assignment Method
- VPN 3002 Hardware Client Defaults
- CLI Quick Configuration Steps
- Remote Access VPNs with Preshared Keys
- Define Inside Address Pool for Remote Users
- Creating or Modifying Other Groups
- Concentrator Manager Quick Configuration
- Preshared Keys
- Configuring Groups and Users
- Creating or Modifying Users
- Command-Line Interface (CLI) Basics
- Initial Configuration
- Setting Group and User Defaults
- Other Configuration Options
- Concentrator Manager (Web Interface)
- Setting the Public Interface
- Setting IPSec Defaults
- Configuration | Policy Management | Access Hours
- Connecting to the Concentrator Manager
- Defining the Default Gateway (Optional)
- Setting Client Defaults
- Configuration | System | IP Routing
- Manager Organization
- Verifying Configuration
- Split Tunneling Policy
- Remote Access Networks
- Adding the Static Routes
- Client Firewall Requirements
- Enrolling and Installing Certificates
- Using SCEP to Manage Certificates
- Using the Certificates
- Digital Certificates
- VPN Concentrator and Certificates
- Configure Cisco VPN Client Support
- VPN Client Autoinitiation Feature
- Administer and Monitor Remote Access Networks
- Cisco VPN 3000 Remote Access Networks Review
- Cisco VPN 3000 Remote Access Networks Questions Answers
- Configuring Cisco VPN 3002 Remote Clients
- The VPN 3002 in the Network
- Configuring the 3002 Device
- Common Configuration Tasks
- Configure the Public Interface
- Configure the IPSec
- Choose Client (PAT) Mode or Network Extension Mode
- Change the Admin Password
- Basic Configuration for the VPN 3002
- Modifying Options
- Set the System Time, Date, and Time Zone-Configure the Private Interface
- Configuring the DHCP Server
- LEAP Bypass
- Reverse Route Injection (RRI)
- IPSec Backup Servers
- AES Support and Diffie-Hellman Group 5
- Configure IPSec Backup Servers—VPN 3002 Client
- Push Banner to VPN 3002
- Configure IPSec Backup Servers—VPN 3000 Concentrator
- Delete with Reason
- IPSec Server Load Balancing
- Other VPN 3002 Software Features
- H.323 Support in PAT Mode
- Simple Certificate Enrollment Protocol (SCEP)
- Individual User Authentication
- XML Management
- Auto-Update Feature
- Configuring Cisco VPN 3002 Remote Clients Questions Answers
- Configuring Cisco VPN 3002 Remote Clients Review
- Configure Network Lists
- IPSec over NAT-T
- Define the IKE Proposals (Optional)
- IPSec over UDP
- Create the Tunnel
- LAN-to-LAN VPN with Overlapping Network Addresses
- Adding a Tunnel
- LAN-to-LAN Routing
- LAN-to-LAN Networks with Digital Certificates
- Cisco VPN 3000 LAN-to-LAN Networks Review
- The VPN Concentrators in LAN-to-LAN VPNs
- NAT Issues
- Cisco VPN 3000 LAN-to-LAN Networks Questions Answers
- Cisco VPN 3000 LAN-to-LAN Networks
- NAT Transparency
- LAN-to-LAN Networks with Preshared Keys
- IPSec over TCP
- CiscoSecure PIX Firewalls
- CiscoSecure PIX Firewall Technology
- How NTP Works
- DHCP Client
- Basic PIX Firewall Configuration
- NTP and PIX Firewalls
- Firewalls as a DHCP Client and Server
- CiscoSecure PIX Firewalls questions answers
- Syslog Configuration
- The logging Commands
- Getting Started with the Cisco PIX Firewall
- FTP and URL Logging
- Basic PIX Firewall Configurations
- Verifying and Monitoring Logging
- ICMP Traffic to the Firewall
- DHCP Server Configuration
- Firewall and Firewall Security Systems
- Time Setting and NTP Support
- Configuring the DHCP Server Feature
- Configuring DNS Support
- Connections
- Translations and Connections
- Getting Started with the Cisco PIX Firewall Questions and answers
- Transport Protocols
- Getting Started with the Cisco PIX Firewall Chapter Review
- Access Through the PIX Firewall
- Static Translations
- Adaptive Security Algorithm
- Network Address Translation
- Security Levels
- Port Address Translations (PAT)
- Stateful System
- Using NAT and PAT Together
- Translations
- Names and Name Commands
- Object Grouping
- Access Control Lists (ACLs)
- Conduit Statements
- Using Access Lists-Access-Group Statement
- Basic ACL Statements
- ICMP ACL Statements
- TurboACL
- Downloadable ACLs
- Content Filtering-ActiveX Blocking-Java Blocking-Websense Filtering
- Local User Database
- Fixup Protocol Examples
- Configuring AAA Features
- Other Supported Protocols and Applications
- PIX Routing Configuration
- Command-Level Authorization
- Access Through the PIX Firewall Review
- Firewall Privilege Levels
- Access Through the PIX Firewall Questions Answers
- Advanced Protocol Handling
- Advanced PIX Firewall Features
- Application Inspection
- Remote Access
- The fixup protocol Command
- Defining the AAA Server
- Supported Applications and Protocols
- PIX Firewall SNMP Support
- SNMP Contact and Location
- SNMP Management Station
- SNMP Community Key
- Attack Guards
- Enabling SNMP Traps
- Intrusion Detection
- Verify SNMP Configuration
- Shunning
- Logging to the SNMP Management Station
- Managing SNMP Services
- Advanced PIX Firewall Features Questions and answers
- Advanced PIX Firewall Features Review
- PPPoE and the PIX Firewall
- Pix Firewall Enables a Secure VPN
- CiscoSecure PIX Firewalls Review
- IPSec Configuration Tasks
- Firewalls and VPN Features Questions and answers
- Firewalls and VPN Features
- Task 1: Prepare to Configure VPN Support
- Task 2: Configure IKE Parameters
- Task 3: Configure IPSec Parameters
- Cisco VPN Client
- Scale PIX Firewall VPNs
- Using the PDM Startup Wizard
- Using PDM to Configure the PIX Firewall
- Managing and Maintaining the PIX Firewall
- PDM Overview
- PDM Operating Requirements
- Prepare for PDM
- Installing PDM on a PIX Firewall
- Starting PDM
- PIX Failover Feature
- Understanding Failover
- Failover Configuration with Failover Cable
- LAN-Based Failover Configuration
- Verifying Failover Configuration
- Password Recovery
- PIX Devices with a Floppy Drive
- PIX Devices Without a Floppy Drive
- Before Getting Started
- Intrusion Detection System Overview
- Security Threats
- The Attack Types and Phases
- Attack Types
- Attack Phases
- Upgrading the PIX OS
- Managing and Maintaining the PIX Firewall Review
- Managing and Maintaining the PIX Firewall Questions Answers
- Intrusion Detection System Overview Questions and answers
- Cisco Secure Intrusion Detection System
- Intrusion Detection Systems Overview
- CIDS Operations and Functionality
- Monitoring
- Analyzing
- Host- and Network-Based IDSs
- Centralized Alarm Display and Management
- IDS Triggers
- Sensor Response
- Intrusion Detection System Overview Summary
- CIDS Commands
- CIDS Architecture
- CIDS Directory Structure
- CIDS Log Files
- CIDS Software Architecture
- Network Size and Complexity
- The Amount and Type of Traffic
- Cisco Secure Intrusion Detection System Review
- Cisco Secure Intrusion Detection System Questions Answers
- Sensor Installation and Configuration Overview
- Sensor Deployment Considerations
- Network Entry Points
- Configuration Area
- Monitoring Area
- Administration Area
- IDS Device Manager
- Connecting to the IDS Device Manager
- IDS Device Manager GUI Interface
- Device Area Configuration
- Signature Series
- Signature Implementations
- Sensor Installation
- Signature Classes
- Connecting to Your Network Sensor Appliance
- Sensor Bootstrap
- Signature Types
- Sensor Installation and Configuration Review
- Signature Severity
- Sensor Installation and Configuration Questions and Answers
- Signature and Alarm Management
- CIDS Signatures
- Event Viewer Customization
- Preference Settings
- Event Viewer
- Managing Alarms
- Signature and Alarm Management Review Questions and Answers
- Signature and Alarm Management Review
- Preparation Documents
- Extended Access Lists
- Exam Topics
- TCP Access Lists
- Skills Required for the Exam
- UDP Access Lists
- Cisco SAFE Implementation Questions and Answers
- ICMP Access Lists
- Access Control Lists Cisco
- Named Access Lists
- Access List Basics
- Standard Access Lists
- Cisco SAFE Implementation
- Verifying ACLs
category: Cisco IP Routing Protocols
- Troubleshooting Problems on the Physical Layer
- Session Layer
- Troubleshooting Problems on the Application Layer
- Transport Layer
- Presentation Layer
- Troubleshooting Problems on the Transport Layer
- Network Access Layer
- Physical Layer
- Challenges and Issues of Complex Networks
- Troubleshooting Problems on the Network Layer
- Internet Layer
- Data-Link Layer
- Troubleshooting Problems on Data-Link Layer
- The Layered Architecture of the TCP/IP Model
- The Layered Architecture of the OSI Model
- Application Layer
- Application Layer
- The Layered Troubleshooting Approach
- Mapping the TCP/IP and OSI Models
- Network Layer
- Using the Layered Approach
- Transport Layer
category: CCNP CCIE Complete
- Classless Interdomain Routing
- Route Summarization Example 5
- IPv6 Address Format
- IPv4-Mapped IPv6 Address
- How NAT Works
- Translating Inside Local Addresses
- Configuring NAT
- IGRP and EIGRP
- IGRP Metrics
- Verifying and Troubleshooting IGRP
- Distance-Vector Comparisons (continued)
- The best-route selection process
- The Final Decision on What Routes Populate the Routing Table
- Configuring EIGRP
- Link-State Convergence
- The Hierarchical IP Addressing Scheme
- IP address example
- Networks, Hosts, and Subnets for Figure 2.2
- Route Summarization
- Design Considerations for Route Summarization
- IPv6 Address Types
- Unspecified Address
- Which Camp Are You From?
- The process of translating inside local addresses
- Configuring Static NAT
- Scalability Features of Routing Protocols
- Metric Association of K-Values
- Building Scalable Cisco Internetworks (BSCI), Routing Principles
- Route Information
- ROUTING INFORMATION PROTOCOL (RIP)
- Topology Table Information
- Default Administrative Distance
- Verifying and Troubleshooting EIGRP
- Verifying and Testing a Route
- Network Addressing
- Variable-Length Subnet Masks
- IP Address Range for Switched Subnet in Figure 2.2
- Route summarization
- Discontiguous networking example,IP Addressing
- Global Unicast Address
- IPv6 Anycast Address
- NAT inside/outside and local/global relationship
- Overloading Inside Global Addresses
- Configuring Dynamic NAT
- Distance-Vector Protocol Scalability Issues
- Load Balancing
- Components of Routing Data
- Viewing Route Updates
- RIP Migration
- Updates and Changes
- Default Administrative Distance (continued)
- Route Information
- Verifying Routes
- The Three Classes of IP Addresses Used in Networks Today
- VLSM design example
- Valid Addresses for Ethernet Segment in Figure 2.2
- Valid Addresses for Server Farm Segment in Figure 2.2
- Route Summarization Example 1
- IP Unnumbered
- IPv6 global unicast address format
- IPv6 Multicast Address
- The Advantages of NAT
- NAT overloading inside global IP addresses
- Configuring NAT Using Overloading
- Scalability Limitations of Link-State Routing Protocols
- IGRP Redistribution
- Routing Tables
- Enhanced Interior Gateway
- Link-State Routing
- An IP frame showing the protocol type to be EIGRP
- Reaching the Destination
- Routing Protocol Information
- Testing and Troubleshooting Routes
- Reserved IP Addresses
- Number of IP Addresses
- Valid IP Addresses for All Four Segments Used in Figure 2.2
- IP Network Address Binary Equivalent
- IP Helper Address
- Converting a MAC address to an EUI-64 address
- Network Address Translation
- The Disadvantages of NAT
- Using TCP Load Distribution
- Configuring TCP Load Distribution
- Interior Gateway Routing Protocol
- IGRP redistribution example
- Populating the Routing Table
- Route Tagging
- Link-State Comparisons
- Diffusing Update Algorithm
- Convergence
- Viewing Neighbor Information
- Traceroute
- Class A Addresses
- Maximum Number of Hosts Bits in Subnet Mask Subnet Mask
- Valid IP Addresses for All Four Segments Used in Figure 2.2
- Route Summarization Example 2
- Decimal-to-Binary Conversion Chart
- Link-local unicast address
- Understanding Network,Address Translation
- NAT Traffic Types
- load distribution steps
- Configuring NAT for Overlapping Addresses
- IGRP Features and Operation
- Automatic redistribution example
- Statically Defined Routes
- Neighbor Relationships
- Link-State Comparisons
- EIGRP Metrics
- RIP Convergence
- Viewing EIGRP Packets
- IP Addressing
- Class B Addresses
- Number of Hosts Needed in Figure 2.2
- Discontiguous networking example
- Route Summarization Example 3This example will show you how to summarize 172
- An Overview of IPv6 Addressing
- Link-local unicast address
- NAT Terminology
- Unsupported Traffic Types
- Overlapping Networks
- Verifying and Troubleshooting the NAT Configuration
- IGRP Features
- IGRP Configuration
The basic configuration of IGRP is very straightforward
- Distance-Vector Routing
- Route Calculation
- Classful Routing
- EIGRP Tuning
- IGRP Convergence
- OSPF Operation in a Single Area
- Review of IPv4 Addressing
- Class C Addresses
- Description of Segment
- Cisco and CIDR
- Route Summarization Example 4
- Decimal-to-Binary Chart
- IPv4-Compatible IPv6 Address
- The Elusive Terminology of NAT
- NAT Operations
- NAT translating overlapping addresses
- Commands to Clear the NAT Table
- IGRP Timers
- IGRP configuration example
- Distance-Vector Comparisons
- Redundant Link Calculation
- Classless Routing
- Redistribution for EIGRP
- EIGRP Convergence
- IP Terminology
- Extending IP Addresses
- Networks, Hosts, and Subnets for Figure 2.2
- Discovering the Network with OSPF
- Verifying OSPF Configuration
- OSPF areas
- Basic Multi-Area Configuration
- Router B
- Configuring OSPF for a Totally Stubby Area
- Link-State Database Information
- IS-IS Areas
- Hello PDU
- Verifying and Troubleshooting IS-IS
- OSPF Terminology
- DR and BDR Election Procedure
- Network Types
- Point-to-Point
- OSPF show Commands
- Categories of Multi-Area Components
- Sample multi-area configuration
- Router C
- Not-So-Stubby Area Configuration
- Routing Protocol Information
- OSPF areas
- Link-State PDU (LSP)
- Route Information Gateway
- OSPF Operation
- LSA Flooding
- Broadcast
- Broadcast
- show ip ospf
- OSPF Router Roles
- RouterA
- Router D
- OPSF configuration
- Viewing Neighbor Information
- IS-IS areas
- Sequence Number PDU (SNP)
- Link-State Database Information
- Neighbor and Adjacency Initialization
- LSA Update Multicast Addresses
- NBMA broadcast implementation
- Configuring OSPF—Single Area
- show ip ospf database
- Router roles
- RouterB
- Configuring OSPF for a Stub Area
- Configuring OSPF for a Not-So-Stubby Area
- Viewing OSPF Packets
- Network Entity Titles
- LSP Flooding
- Routing Protocol Information
- OSPF Hello Packet Information
- LSA updates and flooding
- Non-Broadcast
- Point-to-Point
- OSPF area topology
- show ip ospf interface
- Link-State Advertisements
- RouterC
- Totally Stubby Area Configuration
- OSPF Virtual Links
- Integrated IS-IS
- Network entity title formats
- SPF Algorithm
- Viewing Neighbor Information
- Neighbor States
- LSA Acknowledgment and Validation
- Point-to-Multipoint
- Configuring OSPF—Single Area (NBMA Environment)
- show ip ospf neighbor
- LSA Types
- Configuring Multi-Area OSPF
- Router B
- OSPF virtual link
- Integrated Intermediate System to Intermediate System
- Neighbor and Adjacency Initialization
- Network Types
- Viewing SPF Information
- OSPF peer initialization
- SPF Tree Calculation
- Point-to-point vs. point-to-multipoint
- Broadcast Configuration
- Interconnecting OSPF Areas
- OSPF Area Types
- Stub Area Configuration
- Router C
- Verifying and Troubleshooting OSPF
- Integrated IS-IS Operation
- Designated Router
- Configuring IS-IS
- Border Gateway Protocol
- Adjacency Requirements
- NBMA Overview
- Configuring OSPF
- RouterC(config) Point-to-Multipoint
- OSPF Scalability
- Stub area
- OPSF configuration
- Router D
- Route Information
- IS-IS Terminology
- IS-IS PDUs
- Multiple area IS-IS network
- Open Shortest Path First
- OSPF adjacencies for multi-access networks
- NBMA Environments
- Decision Process
- When and When Not to Use BGP
- Injecting Routes into BGP
- Debugging BGP Information
- BGP Terminology
- Version
- Unfeasible Routes Length Field
- Attribute Type Codes
- Connect state
- Route Filtering
- Configuring BGP
- Manually Injecting Routes into BGP
- Advanced Border Gateway Protocol
- BGP Operation
- My Autonomous System
- Withdrawn Routes Field
- Network Layer Reachability Information (NLRI) Field
- Active state
- BGP Synchronization
- Minimal BGP Configuration
- Manually injecting routes into BGP
- Overcoming Scalability Limitations of iBGP
- Multiple autonomous systems
- Hold Time
- Unfeasible Routes Length Field
- KEEPALIVE Message
- OpenSent state
- Transit AS
- Basic BGP implementation
- Redistributing Routes into BGP
- Route Reflection
- Message Header Format
- BGP Identifier
- Unfeasible Routes Length Field
- NOTIFICATION Message
- OpenConfirm
- Established state
- Transit and stub ASs
- iBGP and eBGP Configuration
- FIGURE 8 . 1 6 Redistributing routes into BGP
- Non–fully meshed iBGP
- Message header format
- Optional Parameters Length
- IP address prefix formats
- Error Codes and Related Error Sub-codes
- Route Selection
- Stub AS
- iBGP and eBGP network
- Verifying and Troubleshootingh
- Type Field Values
- Optional Parameters
- Total Path Attributes Length Field
- Neighbor Negotiation
- Routing Information Bases
- no synchronization
- eBGP Multihop Configuration
- Route Information
- OPEN Message
- Optional Parameters field format
- Path Attributes Field
- Finite State Machine
- BGP route processing
- Route Aggregation
- eBGP multihop
- Viewing Neighbor Information
- Border Gateway Protocol
- OPEN message format
- UPDATE message format
- Attribute Type Code
- Idle state
- Multiple route reflector cluster
- Prefix lists
- Route Aggregation
- Type of Traffic Policies
- Configuring Redistribution
- IS-IS redistribution
- Static Routes
- Confederations
- Route Maps
- Route Optimization
- Type of Service Policies
- RIP
- Connected Interfaces, Static Routes, and Default Routes
- Default Routes
- Configuring Confederations
- Communities
- Filtering
- Type of service policies
- Redistribution into RIP
- Connected Interfaces
- Classless to Classful Redistribution
- Configuring confederations
- Peer Groups
- Access Groups
- Verifying and Troubleshooting
- Redistribution into IGRP
- RIP
- Summarization solution
- BGP Filters
- Peer groups
- Access groups
- Debugging policy-based routing
- EIGRP
- IGRP
- Filtering with Redistribution
- Route reflection
- Distribute Lists
- Peer group configuration
- Distribute Lists
- Redistribution
- OSPF
- EIGRP
- Filtering during redistribution
- Configuring Route Reflection for iBGP
- Distribute list
- Multi-homing
- IGP distribute list
- Classless to Classful Redistribution
- OSPF redistribution
- OSPF
- Summarization
- Basic route reflection
- Prefix Lists
- Resolving Next-Hop Issues
- Source-Based Policies
- Filtering with Redistribution
- IS-IS
- IS-IS
- A 20/80 network
- Open Systems Interconnection (OSI) Model
- Layer 4 Switching
- Access Layer Switches
- Collapsed core
- Automatic Load Balancing
- Three-Layer Hierarchical Design Model
- Distribution Layer for the Campus Network
- Considering Routing Protocols
- Building Cisco Multilayer Switched Networks (BCMSN)
- Virtual LANs
- Data Encapsulation
- Multilayer Switching (MLS)
- Distribution Layer Switches
- Dual Core
- Elimination of Peering Problems
- Access Layer
- Core Layer
- OSPF
- The Campus Network
- VLANs break up broadcast domains
- Data encapsulation at each layer of the OSI reference model
- Understanding the Cisco
- Core Layer Switches
- Core Size
- SAFE
- Access Layer for the WAN Network
- Core Layer for the WAN Network
- OSPF summarization
- Understanding Campus Internetworks
- Introducing the New Campus Model
- OSI Encapsulation
- The Cisco hierarchical model
- Applying the Building Blocks
- Blocks Supported by Routing Protocols
- Enterprise Composite Module
- Three-layer campus hierarchy
- Core Layer for the Campus Network
- EIGRP
- Looking Back at Traditional
- Network Services
- Layer 2 Switching
- Core Layer
- Switch Block
- Scaling Layer 2 Backbones
- Enterprise SAFE block diagram
- Access Layer for the Campus Network
- IP Address Assignment
- EIGRP summarization
- Performance Problems and Solutions
- Understanding Broadcast Effects
- Remote Services
- Limitations of Layer 2 Switching
- Distribution Layer
- Switch Block Size
- Spanning Tree Protocol (STP)
- Cisco’s opinion
- Sample network
- Integrated Intermediate System to Intermediate System (IS-IS)
- The 80/20 Rule
- Enterprise Services
- Routing
- Access Layer
- Core Block
- Scaling Layer 3 Backbones
- Local VLANs Finance Sales Sales Finance Support Sales Support
- West region network
- IS-IS summarization
- The New 20/80 Rule
- Using Switching Technologies
- Layer 3 Switching
- Using Cisco Catalyst Products
- The core block
- Fast Convergence
- Design Considerations
- Distribution Layer
- Wyoming network
- BGPv4
- LAN Segmentation Using Switches
- Auto-Negotiation
- Connecting and Logging In to a Switch
- Setting the Passwords
- 4000 Series Set-Based Switch
- 10BaseT
- Comparison of FastEthernet Technologies
- Jumbo Frames
- 4000 Series Set-Based Switch
- 2950 and 3550 Switches
- FastEthernet
- Gigabit Ethernet
- Cabling the Switch Block Devices
- 2950 and 3550 Switches
- 4000 Series Set-Based Switch
- Using FastEthernet at All Three Layers
- Using Gigabit Ethernet in the Enterprise
- Connecting to the Console Port
- Setting the Host Name
- 2950 and 3550 Switches
- IEEE Specifications for FastEthernet
- Protocol Architecture
- Connecting to an Ethernet Port
- 2950 and 3550 Switches
- Configuring the Port Speed and Duplex
- Connecting the Switch Block
- Media Independent Interface (MII)
- Comparing 10BaseT, FastEthernet, and Gigabit Ethernet
- 4000 Switch Startup
- 4000 Series Set-Based Switch
- Verifying Connectivity
- Understanding Cable Media
- Full-Duplex Ethernet and FastEthernet
- Time Slots
- 2950 Switch Startup
- 2950 and 3550 Switches
- 2950 and 3550 Switches
- The Background of IEEE Ethernet
- Using Full-Duplex Ethernet in the Distribution Layer
- Comparison of Gigabit Ethernet Technologies
- Cisco IOS- and Set-Based Commands
- Identifying Switch Interfaces
- The Threat of High Revision Numbers
- Configuring VTP
- VTP Pruning
- Understanding the Design Benefits of Virtual LANs
- Defining VLAN Boundaries
- Catalyst 2950 and 3550 Series
- 4000 Switch
- Server
- Configuring the VTP Version
- Auxiliary VLANs
- A flat network structure
- End-to-End VLANs
- Identifying VLANs
- 2950 and 3550 Series
- Client
- Configuring the VTP Mode
- 802.1Q Tunneling
- Broadcast Control
- Local VLANs
- Frame Tagging
- Clearing VLANs from Trunk Links
- Transparent
- Configuring the Domain
- Security
- Assigning VLAN Memberships
- VLAN Identification Methods
- 4000 Series
- VTP Advertisements
- Verifying the VTP Configuration
- Flexibility and Scalability
- Static VLANs
- Inter-Switch Link Protocol (ISL)
- 2950 and 3550 Series Switches
- Verifying Trunk Links
- VTP advertisement content
- 4000 Series
- The Collapsed Backbone and the VLAN
- Dynamic VLANs
- Standard for Virtual Bridged Local Area Networks (IEEE 802.1Q)
- Using VLAN Trunk Protocol (VTP)
- Management domain name
- 2950 and 3550 Series Switches
- Switches remove the physical boundary
- Configuring Static VLANs
- Trunking
- VTP Modes of Operation
- Subset Advertisements
- Adding to a VTP Domain
- VLANs, Trunks, and VTP
- Scaling the Switch Block
- Catalyst 4000 Series
- Configuring Trunk Ports
- Layer 2 Switching and the Spanning Tree
- Layer 2 LAN Switching
- Comparing Bridges to Switches
- How switches learn hosts’ locations
- Selecting the Best Path
- Convergence
- Configuring Spanning Tree
- Forwarding/Filtering Decision
- Selecting the Root Bridge
- Sizing the Network
- Detecting Loops
- Broadcast and Multicast Frames
- BPDUs
- Spanning Tree Example
- Bridge ID priority 542
- Loop Avoidance
- Selecting the Root Port
- Spanning tree example
- Broadcast Storms
- STP Link Cost
- LAN Switch Types
- Three Switch Functions at Layer 2
- Multiple Frame Copies
- Selecting the Designated Port
- Store-and-Forward
- MAC Table Instability
- Spanning Tree Port States
- Cut-Through (Real Time)
- Address Learning
- Spanning Tree Operation
- STP default timers
- FragmentFree (Modified Cut-Through)
- Multiple Spanning Tree (MST)
- Scaling the Spanning Tree Protocol
- Determining the Root
- Using Spanning Tree with VLANs
- Configuring the Root
- Creating VLAN Standards
- set spantree root Parameters 550
- Per-VLAN Spanning Tree (PVST)
- Common Spanning Tree (CST)
- Per-VLAN Spanning Tree-
- Prioritizing traffic by VLAN
- Load Balancing and Redundancy
- Changing the STP Timers
- Load Balancing
- Using Redundant Links with STP
- Redundancy
- Modifications to EtherChannel
- PortFast
- Parallel Fast EtherChannel Links
- Configuring PortFast
- When a Root Isn’t the Root
- EtherChannel Guidelines
- PortFast and BPDUs
- Setting the Port Cost
- Configuring EtherChannel
- UplinkFast
- Setting the Port Priority
- Port Aggregation Protocol (PAgP)
- Configuring UplinkFast 573
- BackboneFast
- Configuring and Verifying BackboneFast
- Rapid Spanning Tree Protocol 578
- A Single Trunk Link
- Assigning MAC Addresses to VLAN Interfaces
- Single trunk link for all VLANs
- Defining a Default Gateway
- An Internal Route Processor
- Configuring Internal Routing on an IOS-Based Switch 594
- Inter-VLAN Routing THE CCNP EXAM TOPICS COVERED IN THIS
- Internal Routing on an IOS-Based Switch
- Routing Between VLANs
- Using ISL and 802.1Q Routing
- ISL Network Cards
- Configuring ISL/802.1Q with an External Router
- Multiple Links
- Configuring ISL/802.1Q on an Internal Route Processor
- Routers with multiple links
- Configuring VLANs on an Internal Route Processor
- Enable packet
- Verifying the VTP Domain
- Enabling MLS on the MLS-SE
- Verifying the Configuration
- Process Switching
- MLS Procedures
- MLS Cache
- Subsequent Packets
- VTP Interface Configuration
- Configuring Flow Masks
- Displaying the MLS Cache Entries
- Fast Switching
- MLS example topology
- Identifying Candidate Packets
- Disabling MLS
- VLAN Assignments
- Destination-IP
- Removing MLS Cache Entries
- Optimum Switching
- MLSP discovery
- Destination Other Than the MLS-RP
- The Right Way to Disable MLS
- Interface Configurations
- Source-Destination-IP
- Using Acceptable MLS Topologies
- The CEF Forwarding Process
- Multilayer Switching
- Identification of candidate packets
- Cache Entry Exists
- The Wrong Way to Disable MLS
- MSA Management Interface
- IP-Flow
- Multilayer Switching (MLS)
- Configuring CEF 626
- Understanding the Fundamentals of MLS
- Identification of enable packets
- No Cache Entry
- Configuring MLS-RP
- Verifying the MLS Configuration
- Using Cache Entries
- Cisco Express Forwarding (CEF)
- Router-on-a-stick diagram
- Layer 3 switching of subsequent flow packets
- Candidate packet
- Identifying Enable Packets
- Enabling MLS
- Access Control Lists (ACLs)
- Modifying the Cache Aging Time
- The Trouble with CEF and Layer 3 Switching
- Large Packet Streams
- MLSP Discovery
- Frame Modification
- VTP Domain Assignments
- Configuring the MLS Switch Engine
- Modifying Fast Aging Time
- Legacy Routing and Layer 3 Switching
- MLS Requirements
- XTAGs MLSP discovery
- Unicast communication
- Mapping IP Multicast to Ethernet
- Broadcast
- IP multicast mapped to MAC multicast 635
- Broadcast message on a network
- Multicast is a different
- Multicast communication
- Understanding and Configuring Multicast Operation
- Using Multicast Addressing
- Multicast Overview
- IP Multicast Reserved Addresses
- Unicast
- multiple IP routers
- Configuring TTL
- The Fast-Leave Trap 678
- IGMPv1 Query process
- Internet Group Management Protocol Version 3 (IGMPv3)
- Multicast and Spanning Tree
- Bidirectional Shared Tree Distribution
- DVMRP tunnels
- Core-Based Trees
- Planning and Preparing for Using IP Multicast
- IP PIM Sparse-Dense Mode
- Joining a Multicast Group
- Join Process
- Membership Query
- Routing Multicast Traffic
- Bidirectional shared tree
- Multicast Open Shortest Path First (MOSPF)
- PIM DM grafting
- End-to-End IP Multicast
- Interface Activation Criteria for Sparse-Dense-Mode Interfaces
- Troubleshooting IP Multicast Connectivity
- Layer 3 to Layer 2 Overlap
- Unsolicited join requests
- Membership Report
- Distribution Trees
- Managing Multicast Delivery
- Intra-Area MOSPF
- CBT data distribution
- Configuring IP Multicast Routing
- Configuring a Rendezvous Point
- Changing the IGMP Version
- Multicast addressing overlap
- Leave Process
- Cisco Group Management Protocol (CGMP)
- Source Trees
- Reverse Path Forwarding (RPF)
- Intra-Area and Inter-Area MOSPF
- CBT data distribution
- Enabling IP Multicast Routing
- Manual RP Configuration
- Enabling CGMP and IGMP Snooping
- Managing Multicast in an Internetwork
- Internet Group Management Protocol Version 2 (IGMPv2)
- Multicast Design
- Source tree forwarding
- Time to Live (TTL)
- PIM DM
- PIM SM
- Enabling PIM on an Interface
- Auto-RP Configuration
- CGMP Router Configuration
- Subscribing and Maintaining Groups
- General and Group-Specific Query Processes
- CGMP Join
- Shared Trees
- TTL threshold utilization
- PIM DM flooding
- PIM SM pruning
- IP PIM Dense Mode
- Designating a Default RP
- Advertising RP Group Assignments
- Catalyst Switch Configuration
- Internet Group Management Protocol Version 1 (IGMPv1)
- IGMPv2 Leave Process
- Host Management
- Shared tree forwarding
- Routing Protocols
- PIM DM pruning
- Multicast Source Discovery Protocol (MSDP)
- IP PIM Configuration Options
- Configuring the RP Mapping Agent
- IGMP Snooping
- Membership Query Process
- IGMPv2 Leave process
- IGMP Snooping
- Unidirectional Shared Tree Distribution
- Distance Vector Multicast Routing Protocol (DVMRP)
- Sparse Mode Routing Protocols
- Source-Specific Multicasting (SSM)
- IP PIM Sparse Mode
- Connection-Oriented Transport 685
- Quality of Service (QoS)
- Understanding Application Needs
- E-mail application fragments
- WWW Traffic
- Voice over Ethernet
- Understanding the Fundamentals of QoS
- Best Efforts Networks
- The Differentiated Services Model 688
- Connectionless Transport
- Streaming Transport
- Common Problems in Best Efforts Networks
- Simple Delay
- Jitter
- Packet Loss
- QoS Options
- cisco
- The Differentiated Services Model
- IEEE 802.1p
- Applying the QoS Model
- Prioritizing Traffic Classes 692
- Configuring QoS on Cisco Switches
- 2950 Series Switches
- 3550 Series Switches
- Configured QoS
- Auto-QoS
- 4000 Series Switches
- Queuing Mechanisms
- Queuing Mechanisms
- Auto-QoS
- Priority Queuing 701
- we..
- Configuring HSRP
- Custom Queuing
- HSRP in Action at the ISP Edge
- Redundancy in Switched Networks
- Server Load Balancing
- Hot Standby Router Protocol
- Configuring SLB
- HSRP Operation
- SLB Stateful Backup
- HSRP accost process
- Virtual Router Redundancy Protocol
- Interface Tracking
- Gateway Load Balancing Protocol
- Multiple HSRP Groups
- Active Aperture Selection
- cisco cisco
- ciscoo
- I
- happy year cisco
- Transparent Ethernet
- Crossbar Switching Fabric
- Catalyst Switch Technologies
- Bridging Table Operation
- The Switching Process
- Content Addressable Memory (CAM) 714
- Switch Architectonics and Components
- Addressing
- Non-blocking Switches
- Prioritization, Redundancy, and Failover
- Switch Fabrics
- Load-Balancing
- Bus Switching Fabric
- Configuring GLBP
- Shared Anamnesis Switching Fabric
- Debugging, Management, and System Testing
- CatOS/IOS Hybrids
- Contiguous Buffers
- 6500 Series Switches
- Native IOS
- 4000 Series Switches
- Switches: The Current Range
- Ternary Content Addressable Memory (TCAM)
- 3550 Series Switches
- 2950 Series Switches
- 2950 Series Software
- Particle buffers
- System Testing
- Standard Image IOS
- Software
- The Cisco Cluster Management Suite (CMS)
- Enhanced Image IOS
- Memory
- Debugging
- 4000 and 6500 Series Software
- Rings
- X.25
- Integrated Services Digital Network (ISDN)
- Cisco Solutions for Remote Access
- Asynchronous Dial-Up
- WAN Connection Types
- Remote Access
- Frame Relay
- Wireless and Cellular
- New WAN Connection Technologies
- Asynchronous Transfer Mode (ATM)
- Cable Modems
- Leased Lines
- Summarizing WAN Connection Technologies
- Digital Subscriber Line
- WAN Encapsulation Protocols
- Manageability Comparison of WAN Technologies
- Bandwidth
- Remote Access in the Field: Manageability
- Frame Relayy
- Manageability
- The X.25 Protocol
- Cost Comparison of WAN Technologies
- Serial Line Internet Protocol (SLIP)
- Bandwidth Comparison of WAN Technologies
- Asynchronous Transfer Mode (ATM)
- Worldwide Availability of WAN Technologies
- Cost
- High-Level Data Link Control (HDLC)
- Point-to-Point Protocol (PPP)
- Selecting a WAN Protocol
- Availability
- Telecommuter
- The Cisco AS5x00 Platform
- ISDN PRI (North America)
- Remote Access in the Field: Outsourcing Remote Access Solutions
- The 700 Series
- The Cisco 7000/7200/7500 Platforms
- ISDN PRI (Europe)
- Fixed Interfaces
- Cisco 700 Series Platform Features
- Remote Branch
- Asynchronous or Analog Connections
- Securty
- The Cisco 1600 Platform
- Frame Relays
- Internetworking Overview and Remote Access Interface Options
- Virtual Private Networks (VPNs)
- The 1000 Series
- The Cisco 1700 Platform
- Identifying Company Site Equipment
- Cabling and Assembling the WAN
- Choosing Remote Connection Cisco Products
- Applications in Use
- The 800 Series
- The Cisco 1800 Platform
- Central Site
- Product Selection Tools
- Reliability Comparison of WAN Technologies
- Product Selection and Outsourcing
- The Cisco 2500 Platform
- The Cisco 3600 Platform
- Reliability
- The Cisco 2600XM Platform
- The Cisco 3700 Platform
- ISDN BRI
- Modular Interfaces
- Quality of Service (QoS)
- Verifying the Remote Branch
- Modulation Standards
- DTE-to-DCE Signaling
- The Cisco 1600 LEDs
- Signaling and Cabling
- Verifying the Central Site
- Remote Access with Modems
- The 3640 router front view
- Asynchronous Connections
- Understanding Asynchronous Modems
- Configuring Asynchronous Modem Connections
- Verifying the Telecommuter Installation
- Verifying a Network Installation
- Error Correction
- The Cisco 766 LEDs
- Data Compression
- The modemcap edit Command
- Commands for Automatic Configuration
- Automatic Configuration
- Dedicated or Interactive PPP
- The Flag Field
- Configuring PPP
- RFCs for Remote Access Networks
- Verifying and Troubleshooting the Automatic Configuration
- Configuring Access Servers
- The Information Field
- PPP Overview and Architecture
- The Frame Check Sequence (FCS) Field
- Point-to-Point Protocol
- PPP Assigned Protocol Fields
- Asynchronous Router Commands
- The Protocol Field
- The Control Field
- Manual Configuration
- The Address Field
- Common AT Commands
- Interface Addressing Options for Local Devices
- How DHCP Works
- Configuring Dynamic Addressing
category: Cisco Computer Networking
- How to Pack Your Trunk for the Trip to the Other Switch
- Example Rule for Sending the Bits
- Public Network Models Provide Pervasively Popular Networks
- Standards for Physical Networking Nearby
- Running the Local Department of (Network) Transportation
- Basics of Data Transmission Across a Wire
- Pinout Options for RJ-45 Connectors
- Major Components of a Structured Wiring Plan
- How to Avoid Most Wrecks
- Ethernet Source and Destination Addresses
- Betty Waiting on Fred's Frame That Was Sent to Barney
- Barney Waiting to Send, When Fred Sends to Barney
- Switch Logic for Unknown Destinations
- Ethernet Specifications
- What Is a Network?
- Three Broadcast Domains- A Hub-a Switch-and a Hub and Switch
- Using the Network by Accident
- No Forwarding Between the Two VLANs
- Downloading and Transferring Files
- Copying myproject.doc Between Barney and Fred
- Switch2's Dilemma: Which VLAN?
- Sending the Bits a Packet (Package) at a Time
- How TCP/IP Standards Grow
- Standards for Physical Networking Far Away
- How to Build a Local (Network) Roadway
- The Need for a Two-Lane (Network) Road
- Driving in the Right Lane (Pair) on the Road
- Rules of the Road: How to Use the Local (Network) Roadway
- Collision Avoidance by Listening Before Sending
- I Don't Understand a Thing You're Saying
- Switches: How to Create Dozens of Lanes on the LAN
- Barney and Fred Sending and Receiving at the Same TimeFull Duplex
- How to Go Everywhere at the Same Time
- A Switch for All Speeds
- No, Really, What Is a Network?
- Multiple Physical LANs Require Multiple Switches
- Using the Network on Purpose
- Why You Need More Than One LAN
- If 100 Devices in a LAN Is Good, 1000 Devices Must Be Better
- Network-Based Applications Covered in This Chapter
- Trunking Header Tells Switch2 What to Do
- What to Do When the Bits Get Bashed
- Some Pretty Popular TCP/IP Protocols
It always helps to think about specific examples when learning
something new
- Fred's Alternative to Running a Cable 500 Miles: A WAN Using a Leased Line
- Driving Bits Across the Network Roadway
- Concurrent Data Transmission Across Two Different Wires
- Both PCs Using the Same Pair (Lane) to Send Data
- Preparing for a Trip: How to Make Your Car (Data) "Street Legal"
- What to Do When a Wreck Happens
- How the FCS Field Is Used
- Switch Logic for Fred's Frame Sent to Barney
- Full Duplex and Full Switching
- Switch Flood Broadcast Frames
- Supporting Multiple Speeds on a Single Switch
- What an Elephanterr, a NetworkLooks Like
- Small Physical LAN, and You Are in Charge
- Conceptual View of the Internet
- OSI Layer 8 Issues
- Building a Network: It All Starts with a Plan
- Tale of Two Trunking Protocols
- A Simple Protocol for Error Recovery
- Transmission Control Protocol (TCP)
- How to Eat an Elephant, TCP/IP Style
- What's a Local-Area Network?
- The Equivalent of Asphalt: Cables
- PCs Using Different Pairs (Lanes) to Send Data
- LAN-Legal Data: An Ethernet Frame
- Stopping at the Destination: What Happens When Someone Comes to See You
- Two Standards for Ethernet
- Fred Sending to Barney, While Betty Sends to Wilma
- Switches: The Rest of the Story
- I Feel the Need, the Need for Speed
- Autonegotiation with 10/100 Cards
- Three Blind MenThe Server Guy, the Cabling Guy, and the Network Guy
- Two Physical LANs: Broadcasts Do Not Leave the Originating LAN
- Web Browsing
- OSI Layer 3 Design Goals
- Conforming to the Rules
- Shipping and Logistics: Commerce Using the (Network) Roadways
- The Book(s) of Rules, Networking model
- TCP Error Recovery
- Four-Layer TCP/IP Network Model
- Components of a Simple LAN
- Typical LAN Cable
- Sharing the Local Roadway: Ethernet Hubs
- Ethernet Frame Sent from Bob to Larry
- Are They Coming to Our House or the Neighbor's House?
- IEEE Ethernet Headers and Trailers
- The Perfect Roadway: No Wrecks Allowed!
- Painting the Road Signs:Learning MAC Addresses
- A New, Improved, and Faster EthernetLet's Call It Fast Ethernet
- Adding Local (Network) Roadways for No Extra Money
- Different Types of Traditional Computer Networks
- No Forwarding Between the Two Physical LANs
- Web Browsers and Web Pages on the Internet
- Saving Cash
- Rules, Schmools for Networking
- Proprietary Network Models Prevent Pervasive Population of Networking Devices
- Internet Protocol (IP)
- How to Eat a T-Rex, OSI Style
- Transmitting Bits Across the Local Network Roadway
- Shielded Twisted Pair (STP) Cabling
- Ethernet Hub Repeats Everything It Hears
- Driving Where I Want and When I Want Is Pretty Cool
- How Bob Decides the Frame Was Sent to Him
- Reducing Congestion and Driving Faster on the Local (Network) Roadway
- Potential Collision When Forwarding Multiple Frames onto the Same Pair
- Learning by ListeningA Great Life Lesson
- If Fast Ethernet Is Good, Even Faster Is Better: Gigabit Ethernet
- The Physical Reality Precedes the Virtual Reality
- Big Company, Multiple Sites: An Enterprise WAN
- Virtual (LAN) Reality: One Switch, but Multiple LANs
- Web Page
- Packing Your VLAN's Frames in a Trunk When Leaving the Switch
- Examples of Good Rules for Networking
- Non-Networking of IBM and DEC Networks in a Single Company
- Routing Based on IP Addresses
- T-Rex Versus the Elephant
- Basic Flow with Fred Using a File/Print Server
- Painting the Lines on the Road: Connectors
- Hubs Use Straight-Through Cabling to PCs
- Why Wrecks (Collisions) Happen on Ethernet
- Binary Numbers and Their Hex Equivalents
- Reducing Congestion by Opening Up More Lanes on Each LAN
- Switch Avoids Collisions by Buffering the Frames
- The Forward Versus Filter Decision
- Ultra Super-Fast Fast Ethernet: 10 Gigabit Ethernet
- Physical LANs: It's All About Broadcasts
- Just You and Me and the Whole WorldThe Internet
- How to Create a Virtual LAN
- Electronic Mail (E-Mail)
- Forwarding Frames Between Two Switches
- Traveling a Roadway for a Bit to Get a Byte
- DECnet Emulating SNA Using a Gateway
- TCP/IP Standards That Aren't TCP/IP Standards
- OSI Model Versus TCP/IP Model (a.k.a. T-Rex Versus the Elephant)
- Driving Bits Across a Wire
- Typical Networking Connector (RJ-45)
- Dirt Roads Versus the DOT
- Collision Between Bob's and Archie's Frames
- Who Is It, Honey?
- Hubs-A One-Lane Road
- Using Full Duplex: Making the Streets Two Way
- What to Do When the Road Sign (Address Table) Doesn't List Your Destination
- Summary of Ethernet Speeds
- Networking Basics
- Master of Your Own (Broadcast) Domain
- Network's Reason for Existence
- Two Virtual LANs: Broadcasts Do Not Leave the Originating VLAN
- Internet Using Mail Servers
- Dynamically Learning and Changing Routing Tables
- Looking Up the Name and Number in the Phone Book (Host Table)
- Postal Worker Picking Up and Dropping Off the Mail
- How Names Should Be Formatted
- The KISS Principle and SMTP
- FTP Process for Transferring Files
- Connecting to the Fredsco Home Page
- Adding Shipping Information to Data by Encapsulating in a TCP Header
- TCP Error-Recovery Process
- Using the Destination Port Field Like a Recipient's Name on a Shipping Label
- Navigating When Going from Mason and Cincinnati
- Postal Sorting Using Zip Codes
- The Problem: Wasting IP Host Addresses
- Getting into Your Car to Drive to Lunch
- Step 1
- Step 2
- How to Drive When You Aren't Leaving the Neighborhood (Subnet)
- R2 Learning Routes from R1
- Using a PC's Local Host File
- Sending E-Mail Using E-Mail Servers
- Simple SMTP Messages: Identifying the Client and the Recipient
- Warehouse Lingo and Procedures
- Buy One, Get a Bunch for Free
- TCP Treats All the Data as Data
- maximum segment size
- The Chicken, the Egg, and the Destination Port of the First Segment
- IP as the Postmaster General of the Network
- IP Zip Codes: Network Numbers
- The Solution: Subnetting Saves IP Host Addresses
- Encapsulating an IP Packet in an Ethernet Frame
- Choosing Which Road to Take at the First Intersection
- Choosing Which Road to Take at the Final Intersection
- Decision Process with Local Subnet Destinations
- Painting the Road Signs on Your Interstate (Internetwork)
- R1 Learning by Listening for Routing Updates
- Asking Someone Else to Look Up the Phone Number (IP Address) for You
- Postal Address Versus E-Mail Address
- What to Do When You Need a Little POP in Your Network
- Stocking the FTP Warehouse
- Transferring All the Files That Make Up a Web Page
- Purchasing Insurance for Your (Network) Shipment
- Segmenting Data Before Sending
- Initializing TCP Port Numbers
- Knowing the Address Before Driving to the Destination
- Three Sizes Fit All
- Using One Network with Multiple Subnets
- Encapsulating an IP Packet in an Ethernet Frame
- The Beginning of R1's Routing Logic
- The Still Useful, but Still Short Life of an Ethernet Frame
- Routing to Nearby Places
- Picking the Best Road (Route)
- Asking for Name Resolution Help Inside the Company
- How a Two-Part E-Mail Address Is Used
- Basic Authentication with POP3
- Copying Inventory (Files) from the FTP Warehouse
- Choosing Shipping Options When Transporting the Goods over the (Network) Roadway
- Assuring Data Delivery
- Why Three Smaller Segments Is Better Than One Big Segment
- Starting Off on the Right Foot Using a TCP Connection
- Using Addresses on the (IP) Shipping Label
- Sizes of Network and Host Parts of IP Addresses
- Knowing Where to Turn at Each Intersection (Router)
- Using the Ethernet Frame to Deliver the Packet to the Default Router
- The Useful but Short Life of an Ethernet Frame
- The Routing Table at R2: Same Destination, Different Forwarding Instructions
- Configuring a Router with Its IP Addresses and Attached Subnets
- Multiple Ways to Get to the Same Place
- Resolving Names and Addresses: The Basic DNS Process
- Rules, Schmools: Even More Rules?
- SMTP and POP3 Working Together
- Rules, Schmools for FTP
- operating system (OS),"Hello, I'm at Your Service"
- The Mechanics of Delivery Confirmation
- My Little White Lie About Acknowledgments
- Keith's TCP Connections
- IP Packets, Including Details About the Data
- Small- Medium-and Large IP Networks
- A Short Trip from Your House (PC) to the Local Store (Server)
- Learning How to Go to the Default Post Office (Router)
- Deciding Where to Go Next
- R2's Routing TableSame Destinations, Different Instructions
- You're Already There: Directly Connected Routes in R1's and R2's Routing Tables
- Choices, Choices: Using the Metric to Pick the Best Route
- Chapter 8. Shipping Goods over a (Network) Roadway
- Asking for Name Resolution Help Outside the Company
- TCP/IP E-Mail Standards
- Typical Usage of SMTP and POP3
- Browsing Around the Internet Shopping Mall: The World Wide Web
- Application Program and Application Layer Asking the Transport Layer for Help
- The Format of the Shipping Label: TCP Headers
- Acknowledging Each Byte
- Navigating the Roadways to Find the Right Street Address
- Putting a Name on the Shipping Label
- The Actual Class A, B, and C Network Numbers
- Overview of the End-to-End Routing Process
Let's review the basic process of routing as covered in Chapter 10
- What Hannah and R1 Know Before Using ARP
- Routing Decisions Based on the Routing Table
- Yet Another Short-Lived Ethernet Frame
- Painting Road Signs and Other Long-Lasting Directions
- Introducing the Long List of Routing Protocols
- Neither Rain, Nor Sleet, Nor Dark of Night: E-Mail
- DNS Request Is Made- but DNS Server Doesn-t Know the Name
- E-Mail Client Application and Its Use of Application Layer Protocols
- Building a Centralized Warehouse: File Transfer
- Building and Stocking the New Retail Store, AKA New Website
- Full-Service Shipping
- Delivery Confirmation, No Errors
- Delivering the Package to the Right Person, Not Just the Right Address
- Delivering the Goods to the Right Street (IP) Address
- How to Run a (Network) Postal Service
- List of All Possible Valid Class A, B, and C Network Numbers
- Leaving Your Neighborhood the Same Way, Every Time
- Hannah Sending an ARP Broadcast, Looking for 8.1.1.250's Ethernet Address
- Yet Another Ethernet Data Link Frame
- Other Rules of the Road
- Painting a Routing Table with a Static Route
- IP Routing Protocols
- Dropping Off and Getting Your (e)Mail
- How DNSs Work Together
- Protocols for Addressing the Envelope Correctly: Internet Message Formats
- Warehousing Process for Transferring Stuff
- Rules, Schmools for Web Retailing
- Shipping Basics: Controlling Shipments Using Shipping Labels
- Lose All You WantWe'll Make More
- TCP destination port
- Navigation Basics: Driving to the Right Destination
- One Location, One Zip Code, One Network Number
- Subdividing a Network into Subnets
- By Default, Leave Your Network Via the Default Router
- ARP Reply from R1 to Hannah
- R1's ARP Broadcast, R2's Reply, and Finally Packet Forwarding
- R2's Routing TableSame Destinations, Different Instructions
- The Many Personalities of a WAN Link
- WAN Link Installation Plan
- Leasing a (Network) Roadway Between Lots of Places
- It's Virtually Like a Leased Circuit, So Let's Call It a Virtual Circuit
- You Can't Just Send DataYou Have to Send a Frame Relay Frame
- Making Data Sound Like Voice
- Calling the ISP Local POP
- Accepting the Right People and Rejecting the Wrong People
- Building an Interstate (Inter-LAN) Highway System
- Different Names for WAN Link
- Routers and WANs: A Match Made in Heaven
- Making the Telco Look Like One Big Whopping Switch
- Frame Relay PVC Concepts
- Forwarding an IP Packet over a Frame Relay PVC
- Analog Electrical Signal: Frequency and Amplitude
- Now That I Know Whom to Call, What Do I Say?
- Safe Driving by Using AAA
- Leasing a (Network) Roadway Between Two Points
- Differences Between a Cross-Over Cable and a Leased Circuit
- Same Subnets, Similar Routing Table, Over the WAN Link
- Cabling a Router to the Big Frame Relay Switch
- Faster, Cheaper, BetterYou Can't Go Wrong with Frame Relay
- Addressing Is Much More Interesting on Frame Relay Than on Serial Links
- What Phones Do for Voice, Modems Do for Data
- Using the Phone Line for Datathe DSL Way
- Checking for Fake Drivers' (Users') Licenses
- Leasing the Cable When You Can't Run the Cable
- I Feel the Need, the Need for Speed
- You Can't Just Send Data; You Have to Send a Frame
- Physical Parts of Frame Relay
- You Can Still Use Serial Links, but It Will Cost You Up Front
- Driving from Home onto the Globally Interconnected (Internet) Roadway
- Comparing a Phone to a Modem
- Dr. Analog Voice and Mr. Hiding Digital
- Basic Authentication Using a Username and Password
- You Can't Lease the Cross-Over Cable, So Lease Something Almost Just Like It
- The Need to Control the Speed
- Forwarding an IP Packet over a WAN Link
- Basic Logic Used by the Big Whopping Frame Relay Switch
- Three Leased Lines to Connect Three Routers
- Once on the Interstate (Internet), You Can Go Anywhere
- How Fast Can You Talk?
- DSL Connection from the Home
- It's Not Really a 450-Mile Cable, but It Works Like One
- The Need to Control the Speed
- Encapsulation in HDLC
- Frame Relay Switching Using Frame Relay Addresses
- Get Your Free Bandwidth Here! Free Bits!
- Reaching the World Through One Connection to the Internet
- Calling the Internet! Calling the Internet!
- Faster Is Better
- Establishing a Physical Path from the Customer to the Telco
- Cabling with Internal and External CSU/DSUs
- Addressing on WAN Serial Links
- If Two Sites Are Good, Three (or More) Must Be Better
- Typical Frame Relay Network with Three Sites
- Comparisons of WAN Links, Frame Relay, and the Internet
- Now That I Know How to Talk, Whom Should I Call?
- Sending Data from Home Without Using a Phone Line
- A Leased Line, A Leased Circuit, A Point-to-Point Link, and A WAN Link
- Double Your Speed at No Cost
- The Choice of Two Data Link Protocols
- Frame Relay Switching to Multiple Remote Sites
- Routers and WANs: Still a Match Made in Heaven
- Using a Phone Line for Data
- Basic Operation of Modems over PSTN
- Securing the Network
- Chapter 7
- Chapter 15
- Binary Numbering System
- First Three Steps of Converting Decimal 235 to Binary
- Final Pass Through Step 4 of Decimal-to-Binary Conversion of Decimal 100
- Glossary A
- Glossary i
- Glossary r
- Cisco Systems
- No Appls Yet? Be a Good CHAP and Ask PAP
- An Enterprise Network Connecting to the Internet
- Deciding When to Stop the Traffic
- Avoiding Catching Cold
- Chapter 8
- Chapter 16
- Binary Numbering: 1s, 2s, 4s, 8s (and so on) Digits
- First Pass Through Step 4 of the Conversion Algorithm, with 26 (64) as the Power of 2
- Converting IP Addresses
- Glossary B
- Glossary j
- Glossary s
- Basics of PAP
- Typical Types of Traffic Allowed Between an Enterprise and the Internet
- Allowing the TCP Connection from Figure 18-5
- Profiling What the Bad Guys Want to Do
- Chapter 9
- Chapter 17
- Converting Between Binary and Decimal Numbers
- Second Pass Through Step 4, for 25 (32)
- Converting Decimal IP Addresses to Binary IP Addresses
- Glossary c
- Glossary k
- Glossary t
- Stopping Someone from Using Your License (Password)
- Traffic That's Typically Not Allowed
- Disallowing a TCP Connection to an Inside Web Server
- Appendixes
- Chapter 1
- Chapter 10
- Chapter 18
- Converting from Binary to Decimal
- Third Pass Through Step 4, for 24 (16)
- Conversion of Decimal IP Address 100.235.2.2 to Binary
- Glossary d
- Glossary l
- Glossary u
- Hashing Passwords to Create a Message Digest
- Characterizations of What's Allowed and What's Not
- Safe Places Outside of Your Neighborhood (Network)
- Chapter 2
- Chapter 11
- Appendix B. Converting IP Addresses Between Decimal and Binary
- Example of Binary-to-Decimal Conversion: 10101101
- Fourth, Fifth, and Sixth Passes Through Step 4
- Converting Binary IP Addresses to Decimal IP Addresses
- Glossary e
- Glossary m
- Glossary v
- Hey! How Did You Get in Here?
- You're Wearing Your Credit Card Number on Your T-Shirt
- Enforcing the Ground Rules
- A Safe but Potentially Risky Place: The DMZ
- Chapter 3
- Chapter 12
- Decimal and Binary Numbering Systems
- Converting 10101101 to Decimal: Multiplying Each Column and Then Adding Them Together
- Last Pass Through Step 4, for 20 (1)
- Conversion of Binary IP Address to Decimal
- Glossary f
- Glossary n
- Glossary w
- Checking the License to Find Out if He Can Drive That Kind of Vehicle
- Encrypting IP Packets for a VPN
- Putting Up a Wall Between the Dangerous Folks and Your Network
- Using the Police to Watch for Bad Guys
- Chapter 4
- Chapter 13
- Decimal Numbering System
- Decimal Powers of 2
- First Three Steps of Converting Decimal 100 to Binary
- Using a Conversion Chart
- Glossary g
- Glossary o
- Glossary z
- Fred Can't See Others' Payroll Information
- Keeping a Watchful Eye Over Who Drives into Your (Network) Neighborhood
- Ways to Watch Your (Network) Neighborhood
- Watching for Wolves in Sheep's Clothing
- Chapter 5
- Chapter 14
- Decimal Numbering: 1s, 10s, and 100s Digits
- Converting from Decimal to Binary
- Passes Through Step 4 for 2x Values of 32, 16, 8, 4, and 2 of Decimal-to-Binary Conversion of Decimal 100
- Binary/Decimal Conversion Chart
- Glossary h
- Glossary p
- cisco waas diagram
- Tracking Drivers' (Users') Violations
- Setting the Ground Rules
- TCP Connections and Well-Known Ports
- Watching for Patterns with a Network-Based IDS |
|
|
More Top News
CCSP-Cisco Certified Security Professional
Most Popular
Most Commented
Featured Author
|
