Posts from ‘Switches’
Catalyst switch port security is so often recommended. This is because of a couple of important points:
- There are many attacks that are simple to carry out at Layer 2
- There tends to be a gross lack of security at Layer 2
- Port Security can guard against so many different types of attacks such as MAC flooding, MAC spoofing, and rouge DHCP and APs, just to name a few
I find when it comes to port security, however, many students cannot seem to remember two main points:
- What in the world is Sticky Learning and how does it work?
- What is the difference between the different violation modes and how can I remember them?
Sticky learning is a convenient way to set static MAC address mappings for MAC addresses that you allow on your network. What you do is confirm that the correct devices are connected. You then turn on sticky learning and the port security feature itself, for example:
switchport port-security maximum 2 switchport port-security mac-address sticky switchport port-security
Take the latest SWITCH Command Recall exam by clicking the link below. Good luck – and let us know how you scored in the comments area of this post.
Remember to read, AND TYPE, very carefully! I failed my first attempt due to just plain sloppiness.
As you may have noticed, INE does a wide variety of training in the Cisco space. This blog post goes out to all those folks who have recently begun their Cisco training.
This month we delivered new live classes on CCNA and CCNP. We are excited for and encourage our students at every level in their journey. In that light, we have gathered a collection of Videos Answers, targeted at the CCNA level, with a few topics leaking into security and CCNP. These videos were primarily created as quick (under 10 minutes each) Video Answers to questions that various learners have had.
Take a look at the list of topics, and if there are 1 or 2 you feel you would benefit from, feel free to enjoy them.
Here are a few of the topics (in no particular order):
- How the network statement really works in IOS
- Setting up SSH
- Initial commands for sanity sake
- NAT with overload
- Router on a stick
- VRFs Continue Reading
Here ye, here ye, VTP experts. (We are not referring to the Vandenberg Test Program, although they are very likely experts in their field as well. )
Can you predict the results of a 3 switch VTP client/server scenario?
SW1-3, are connected, as shown in the diagram.
Here is the initial output of show VTP status, and show VLAN brief on each. Note that SW1 and SW3 are servers, while SW2 is a client. We will be adding a failure to the network in just a moment. Continue Reading
One of the many skills that you must demonstrate as a CCENT candidate is your ability to configure basic password security on a Cisco router or switch. This blog post walks you through the configurations you must have mastered in order to succeed in this area of the exam.
Sure, everyone knows that it is copy running-config startup-config in order to save your hard-earned configuration to the Non-volatile RAM (NVRAM) inside the device. But what about saving a copy of the configuration on your local PC? Well, this is easy thanks to a couple of tips and tricks, and the wonder of Notepad!