One of the basic configurations when setting up a Cisco Router or a Cisco Switch is setting the passwords. This includes, setting the passwords for the Console, Telnet/SSH and the Enable (Enable Secret)
The following procedure will help starters set up passwords in Cisco Routers and Switches running Cisco IOS.
Trunk Ports are switchports on Cisco switches that interconnect switches. The trunk port carries traffic for all the VLans across the switches it interconnects. switchport can be enabled and configured as trunks without much trouble.
The following procedure helps setting a switchport into a Trunk port with 802.1q encapsulation.
Any software is pron to have software upgrades either to fix a bug or a Security vulnerability or even for the fact the software has reached its end of life.
While Network devices and appliances are no exception, the upgrade process requires a lot of precautions and measures are taken to ensure that the upgrade process doesn't fail or cause problems post installation. Upgrading Cisco IOS is no exception. Care has to be taken to ensure that the newer version is tested on a test bed before deploying in the production network especially if we are talking core network switches and routers.
DHCP, Dynamic Host Configuration Protocol is the protocol used by network devices like a PC or a printer (DHCP clients) to obtain IP Address, Default Gateway, Domain Name, DNS Servers, NetBIOS servers and more that helps the device to work properly in an IP Network.
While in an ideal scenario, most if not all organisations run the DHCP server on a Windows server or a Linux/Unix server. While this is justfiable in bigger corporate and enterprise networks, a smaller network like a branch office can be supported by a local Router, Switch or a Firewall can run a DHCP server without the need of an additional server hardware to run DHCP. Most of the routers, firewalls and some switches do have a DHCP server builtin. Most of the new Cisco Routers and Switches running Cisco IOS can run a DHCP server.
Using Telnet for remote administration of Cisco Routers and Switches (infact for any other device like a unix,linux or a solaris seerver) is not very secure as the data including the passwords are sent in clear text. It will only be a matter of time for a malicous attacker who can sniff the packets to gain access to the passwords and infact the whole network.
It is recommended that Secure Shell (SSH) is used for remote administration of Cisco Routers and Switches.
NOTE: Cisco IOS on the Catalyst switches are by default supplied with the SSH feature bultin. However, the basic Cisco IOS for the routers do not have the SSH facility built-in. To use the SSH feature on Cisco Routers, you need to have the Cisco IOS version with the IPSec(DES or 3DES) encryption software.
Cisco Port Security is a features that can help secure access to the physical network. Any Network admins nightmare is an unauthorised device or a PC connecting to the network. This could be as simple as an innocent guest plugging his PC into a floor port hoping to get an internet connection or a malicious intruder connecting to the network trying to gain access to confidential information.
Consequences could as bad as
Cisco IOS has the port-security feature which can be used to restrict the MAC-Address of the devices that connects to each of the physical switchports.