Tag: Cisco

  • How to Configure Local SPAN Port on Cisco Catalyst Switch

    SPAN (SwitchPort ANalyzer) is a feature on Cisco Catalyst switches that lets you select traffic from one or more source switchports or source VLANs and copy (span) it onto one or more destination ports. The device attached to the destination port(s) runs a sniffer or packet capture program such as Ethereal, Wireshark or tcpdump.

    Cisco IOS supports Local SPAN and Remote SPAN (RSPAN). (more…)

  • How To enable Secure Shell (SSH) in Cisco IOS and disable Telnet

    Using Telnet for remote administration of Cisco routers and switches (in fact, of any other device, such as a Unix, Linux or Solaris server) is not very secure, because the data, including the passwords, is sent in clear text. It will only be a matter of time before a malicious attacker who can sniff the packets gains access to the passwords and, in fact, to the whole network.

    It is recommended that Secure Shell (SSH) is used for remote administration of Cisco Routers and Switches. 

    NOTE: Cisco IOS on the Catalyst switches is supplied with the SSH feature built in by default. However, the basic Cisco IOS for the routers does not have the SSH facility built in. To use the SSH feature on Cisco routers, you need the Cisco IOS version with the IPSec (DES or 3DES) encryption software.

    (more…)

  • Ziptie – Opensource Network Inventory & Configuration Management Framework

    Ziptie is an open-source network inventory and configuration management framework that can discover and manage network devices such as routers, switches and firewalls. Out of the box, Ziptie supports network devices from multiple major vendors. Ziptie is Java based and is built on the Eclipse framework. It can run on many operating system platforms, including Windows, Ubuntu, Fedora, Red Hat, Mandriva and most other Linux distributions.

    (more…)

  • Configure Cisco Port Security on Switches and Router interface

    Cisco Port Security is a feature that can help secure access to the physical network. Any network admin's nightmare is an unauthorised device or PC connecting to the network. This could be as simple as an innocent guest plugging a PC into a floor port hoping to get an internet connection, or a malicious intruder connecting to the network and trying to gain access to confidential information.

    Consequences could be as bad as:

    • Virus, spyware or malware infection from an unprotected PC
    • A malicious hacker or an intruder gaining access to the network
    • A malicious attacker launching a Denial of Service attack using MAC address flooding

    Cisco IOS has the port-security feature, which can be used to restrict the MAC addresses of the devices that connect to each of the physical switchports.

    (more…)

  • How To Rollback configuration change in Cisco Routers & Switches

    As a network admin, you will more than once reach a state where you need to roll back to a previous configuration. On Cisco switches and routers this can be done using the configure replace command.

    Cisco IOS 12.3 and later support a feature called Configuration Replace and Configuration Rollback, whereby the last saved configuration can be rolled back to the running config.

    (more…)

  • Switch Miner – Opensource Cisco Switchport discoverer

    Map your Cisco Catalyst switchports with Switch Miner. Switch Miner is a lightweight command line tool for Windows that queries Cisco switches using SNMP to discover the devices that are connected to the switchports.

    (more…)

  • HowTo: Find switchport for a MAC Address on a Cisco Catalyst Switch

    If you have a big network with multiple access switches connecting to the core switches or routers, then tracing a device like a PC or a laptop for troubleshooting or security purposes is one of those tasks that you often end up doing. This is not a difficult task, but it can certainly be time-consuming.

    (more…)