802.11 - Legacy
Yesterday we talked about the wireless concepts (See the post Basic Wireless Concepts) in that post I mentioned the wireless standards but did not go further into detail.
Cisco Skills
Basic Wireless Concepts
Mobility is now a common thing in a business environment, you no longer are fixed to specific cubicle in the work place anymore. What is also amazing is it will continue to change and become easier for employees to get work done, with their phone, tablet, and laptop computer. But what makes this possible? What is the underlying component? The internet is becoming more available in more locations, coffee shops, airports, and your cell phone service provider, with 3G and 4G speeds. Along with the United States of America which is also moving forward with the National Broadband Plan. So today let's explore the wireless concepts! Wireless can be a scary as you can't control it. The signal is transmitted in radio waves and if set up insecurely the WLAN (Wireless Local Area Network) can easily be your weakest link compared to Ethernet LANs. There are four organizations that deal with the wireless standards and products:
Creating VLANs
Today this tutorial is going to be talking about creating VLANs (Virtual Local Area Networks) with a Cisco Catalyst switch. By creating a VLAN you are separating the network, why would you do this? There are some several reasons, like separating your production network from a guest network, and separating a test environment from a production network. This all adds security to your network. You can separate core critical network components from the rest of the production network for added security, easier troubleshooting along with separating or segmenting your network. This is breaking up the broadcast domains into smaller chucks, which will improve your network performance. Let's get started!
Configuring Port Security
Today this tutorial is going to be talking about how to configure port security on a Cisco Catalyst switch. Port security is one of the first things you can do to keep your network secure from unauthorized access. Port security can restrict devices so only devices you allow are granted access to network resources. If and when an unauthorized device is connected to a port you can decide what you want the switch to do. Let's get started! There are three different settings you can configure with port security:
Collision Domains vs Broadcast Domains
These different types of domains mean different things and when designing a LAN both of these domains can harm the performance of your network. If you are not aware of the difference between these two, this tutorial should help you out. If you have a small network at your home there is usually the router/modem that is connected via phone line or cable to the ISP that router/modem is then connected to a switch or they even have a switch built into the device. You connect a few cables turn on some devices and you now have an internet connection ready to go. In larger networks you have more choices that need to looked at. For example when to use a hub, a switch, or a router and how much money do you want to spend? Usually the more money spent you get more ports, performance increases and more features are added. These are all types of components that need to be thought of when designing a LAN. This tutorial is going to be focusing on two major things collision domains and broadcast domains.
Configuring SSH
Today this tutorial is going be talking about how to configure SSH on a Cisco router or switch. SSH or Secure Shell encrypts the data that is sent from the terminal application to the device. Making if far more safer when it is compared to telnet which sends the data in plain text. To add support for SSH to a Cisco router or switch, the device needs some added information then just passwords. The device will need a username and password, this can be configured on a AAA server (Authentication Authorization and Accounting) or on the device locally this tutorial will focus on locally configured usernames and passwords. To set up SSH you need to configure that following information for the purpose of this tutorial the username will be ciscoskills and the password will be cisco.
Understanding UDP
Forever ago I talked about TCP (Understanding TCP) and I said that in that post that UDP would be another day, well this is the day where we get to understand UDP, which stands for User Datagram Protocol. UDP is the total opposite of the TCP communication. UDP in short sends information or data without notifying the receiver that its sending data. UDP is considered a connectionless protocol, and does not guarantee the reliability or order the packets like TCP does. Therefor packets may be dropped and are never recovered.
How I passed the ICND1 Exam
Well my first of the many Cisco certifications that I plan take in the future was a success! I was able to pass the ICND1 exam. This blog post is going to be a little different in that I want to share how I was able to pass this test and talk about my experience.
Understanding Zone Based Firewalls
Earlier we talked about using CBAC (See the post Understanding CBAC) the "classic firewall" and we mention some information about zone based firewalls but not nearly enough. So today we will be talking about zone based firewalls. Why are they different? We also will learn the basics about what is zone based and what are the advantages compared to CBAC.
Common Network Attacks
Network attacks have always been around but they are getting more advanced every day. These attacks are also easy to set up and use. In the past these types of attacks would have to be pulled off by someone who really knew about computers and to know what they are doing. That's a true hacker, now there are programs that do the same damage and sometimes more with a couple clicks of a mouse, so now anybody can bring down a network. The only thing that changes is the motivation of the person. Some People that run scripts or programs don't always know what the program does, so they click on some buttons and the program does its thing, if it fails sometimes the person stops there and gives up. But there are people who want to do some real damage to a company these people usually have organizations like the Anonymous group. So what are some of the common attacks people or organizations do? Well in a company the network administrators might focus on the outside of the network, but have their inside network unsecure or extremely weak. So if somebody on the inside was able to execute and attack it could have a huge effect on the network. So attacks that could occur: