Port Mirroring

Published on June 2016

SWITCHES
Besides filtering traffic by sending data only to the port that the destination
system resides on, most network switches provide the following benefits:
■ Filtering As mentioned, a switch filters traffic, which prevents other systems on the
switch from capturing and viewing potentially confidential information.
■ Port mirroring Port mirroring, also known as port monitoring, is a feature of some
switches that allows the administrator to copy traffic from other ports to a single
destination port (known as a monitoring port). Because the switch filters traffic
by default, a system plugged into one port cannot see traffic sent to other ports, so the
administrator cannot monitor network traffic from a single port. The switch vendors
had to come up with a way to copy all the traffic to a single port so the
administrator could connect their monitoring system to that port. The following
commands configure port 12 (known as an interface) on the switch to
monitor traffic sent or received on ports 1 to 5:
HAL-SW1(config)# interface fastethernet 0/12
HAL-SW1(config-if)# port monitor fastethernet 0/1
HAL-SW1(config-if)# port monitor fastethernet 0/2
HAL-SW1(config-if)# port monitor fastethernet 0/3
HAL-SW1(config-if)# port monitor fastethernet 0/4
HAL-SW1(config-if)# port monitor fastethernet 0/5

■ Port security Port security is a feature of a network switch that lets you configure a
port for a specific MAC address. This allows you to control which systems can
connect to the switch because the switch can temporarily disable the port until
the correct system is plugged into the switch. The following commands are used
to configure port 6 on the Halifax switch to accept only connections from a
particular MAC address. In this example, the MAC address is aaaa.bbbb.cccc,
which you would replace with an actual MAC address:
HAL-SW1(config)#interface f0/6
HAL-SW1(config-if)#switchport mode access
HAL-SW1(config-if)#switchport port-security
HAL-SW1(config-if)#switchport port-security mac-address aaaa.bbbb.cccc
HAL-SW1(config-if)#switchport port-security maximum 1
HAL-SW1(config-if)#switchport port-security violation shutdown
■ Disable ports It is a security best practice that if you have ports on the switch that are
not being used, you should disable them so that they cannot be used. The
following commands are used to disable ports 7 through 12 on a Cisco switch
with the shutdown command:
HAL-SW1(config)#interface range f0/7 - 12
HAL-SW1(config-if-range)#shutdown
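The three controls above (port security on access ports, unused ports shut down, and a known set of monitoring ports) are easy to verify after the fact by reading the switch's running configuration. The following Python script is an added example, not part of the original text or of any vendor tool: it parses a constructed IOS-style running-config excerpt for a hypothetical switch and reports ports that miss one of the controls. The interface names, the MAC address and the list of "unused" ports are illustrative assumptions.

```python
"""Audit a Cisco IOS style running-config excerpt for the access-port controls
described in the text. Everything below is constructed sample data."""

# Constructed running-config excerpt (hypothetical switch HAL-SW1).
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport mode access
 switchport port-security
 switchport port-security maximum 1
 switchport port-security mac-address aaaa.bbbb.cccc
 switchport port-security violation shutdown
!
interface FastEthernet0/2
 switchport mode access
!
interface FastEthernet0/7
 shutdown
!
interface FastEthernet0/12
 port monitor fastethernet 0/1
 port monitor fastethernet 0/2
!
"""


def parse_interfaces(config_text):
    """Return {interface name: [sub-commands]} for every interface block.

    A block starts at an 'interface ...' line and ends at the first line
    that is not indented (IOS prints '!' between blocks)."""
    interfaces = {}
    current = None
    for raw in config_text.splitlines():
        line = raw.rstrip()
        if line.startswith("interface "):
            current = line.split(None, 1)[1]
            interfaces[current] = []
        elif line.startswith(" ") and current is not None:
            interfaces[current].append(line.strip())
        else:
            current = None
    return interfaces


def audit(config_text, unused_ports=()):
    """Return a list of (interface, finding) tuples.

    unused_ports: interfaces the administrator has declared unused; each of
    them must be administratively shut down (an assumption of this example:
    the config alone cannot tell used from unused ports)."""
    interfaces = parse_interfaces(config_text)
    findings = []
    for name in unused_ports:
        if name not in interfaces:
            findings.append((name, "declared unused but absent from config"))
    for name, cmds in interfaces.items():
        cmdset = set(cmds)
        is_shutdown = "shutdown" in cmdset
        is_monitor = any(c.startswith("port monitor") for c in cmds)
        is_access = "switchport mode access" in cmdset
        has_portsec = "switchport port-security" in cmdset
        if name in unused_ports and not is_shutdown:
            findings.append((name, "unused port not shut down"))
        if is_monitor:
            # A monitoring port receives copies of other ports' traffic, so
            # it deserves the same physical-access care as the switch itself.
            findings.append((name, "monitoring port receives copied traffic"))
        if is_access and not is_shutdown and not has_portsec:
            findings.append((name, "access port without port-security"))
    return findings


if __name__ == "__main__":
    for iface, msg in audit(SAMPLE_CONFIG, unused_ports=("FastEthernet0/7",)):
        print(f"{iface}: {msg}")
```

Run against the sample, the script flags FastEthernet0/2 (access port with no port-security) and FastEthernet0/12 (the monitoring port); FastEthernet0/1 and the shut-down FastEthernet0/7 pass.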
Collision Domains
Another important feature of a switch is known as collision domains. A collision
domain is a group of networked systems that share the same network segment and
therefore can have their data collide with one another. For example, in a network hub if
one system sends data, any other system connected to the hub could send data at the same
time, resulting in data collision. This is because the hub creates a “shared” network
segment that all systems have access to. With a switch, each port on the switch creates a
collision domain that is its own network segment. Because no other system is on the
network segment, there won’t be data collisions.
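The rule in the paragraph above (a hub is one shared segment; every switch port is its own segment) is enough to count the collision domains of any small topology mechanically. The Python below is an added example, not from the original text: cables are modelled as links between device names, every link starts as its own domain, and each hub merges the domains of all links attached to it (which also handles hubs chained together). The topology names are constructed for illustration.

```python
"""Count collision domains from a list of cable links.

Each link is its own segment unless a hub joins it to others; switch ports
and hosts never merge segments. Sample topologies are constructed."""
from collections import defaultdict

# Constructed topology: two PCs on a hub, the hub uplinked to a switch,
# and two more PCs directly on the switch.
MIXED_LINKS = [
    ("PC1", "HUB1"),
    ("PC2", "HUB1"),
    ("HUB1", "SW1"),
    ("PC3", "SW1"),
    ("PC4", "SW1"),
]
MIXED_HUBS = {"HUB1"}


def collision_domains(links, hubs):
    """Return the collision domains as a list of frozensets of device names.

    links: iterable of (device_a, device_b) cable connections
    hubs:  set of device names that are hubs; any other device is treated as
           a host or a switch, neither of which joins segments."""
    links = list(links)
    parent = list(range(len(links)))  # union-find over link indices

    def find(i):
        while parent[i] != i:
            parent[i] = parent[parent[i]]
            i = parent[i]
        return i

    def union(a, b):
        ra, rb = find(a), find(b)
        if ra != rb:
            parent[rb] = ra

    by_device = defaultdict(list)
    for idx, (a, b) in enumerate(links):
        by_device[a].append(idx)
        by_device[b].append(idx)

    # A hub repeats every frame onto all of its cables: one shared segment.
    for hub in hubs:
        incident = by_device.get(hub, [])
        for idx in incident[1:]:
            union(incident[0], idx)

    groups = defaultdict(set)
    for idx, (a, b) in enumerate(links):
        groups[find(idx)].update((a, b))
    return [frozenset(g) for g in groups.values()]


if __name__ == "__main__":
    for domain in collision_domains(MIXED_LINKS, MIXED_HUBS):
        print(sorted(domain))
```

For the sample topology the function returns three domains: one shared by PC1, PC2, HUB1 and the switch port the hub is plugged into, and one each for PC3 and PC4. Replacing the hub with a switch yields five; replacing the switch with a hub yields one.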

VLANs
Most switches today support a feature known as Virtual LANs (VLANs). The
purpose of a VLAN is to create multiple networks within the one network switch. One
way to do this is by placing ports on the switch into groupings known as VLANs. When a
system is connected to a port on the switch, it becomes a member of the VLAN that the
port is associated with. The important point is that when a system is a member of one
VLAN, it cannot communicate with systems in another VLAN. It’s as if each VLAN has
its own switch with no connection to another switch. Figure above displays a switch
configured in two VLANs. In this example, Computer A can communicate only with
Computer B because they are the only systems in VLAN1. Computer A and Computer B
cannot communicate with Computer C and Computer D because communication across
VLANs is not allowed without a router.
The following code shows how to configure VLANs on a Cisco 2950 switch. This
example shows two VLANs: PrivateLAN and WebServers:
HAL-SW1> enable
HAL-SW1# vlan database
HAL-SW1(vlan)# vlan 2 name PrivateLAN
VLAN 2 added:
Name: PrivateLAN
HAL-SW1(vlan)# vlan 3 name WebServers
VLAN 3 added:
Name: WebServers
HAL-SW1(vlan)# exit
APPLY completed.
Once the VLANs have been created, you then place different ports in particular VLANs.
For example, the following commands place ports 18 to 24 in the WebServers VLAN:
HAL-SW1(config)# interface range f0/18 - 24
HAL-SW1(config-if-range)# switchport access vlan 3
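To see why Computer A can reach Computer B but not Computer C, it helps to trace what the switch does with each frame. The Python below is an added example, not from the original text: a minimal learning switch whose MAC table is keyed by VLAN, so a frame is learned on its ingress port and forwarded or flooded only to ports in the same VLAN. It also models the port-mirroring feature from earlier in the text by copying frames received on a monitored port to the monitoring port. Port numbers, VLAN ids, MAC addresses and the mirror setup are assumptions made for the illustration.

```python
"""Learning switch with per-VLAN forwarding and optional port mirroring.
Hosts A and B sit in one VLAN, C and D in another; all values constructed."""

# Constructed MAC addresses for the four hosts in the figure.
MAC_A = "00:00:00:00:00:0a"
MAC_B = "00:00:00:00:00:0b"
MAC_C = "00:00:00:00:00:0c"
MAC_D = "00:00:00:00:00:0d"
BROADCAST = "ff:ff:ff:ff:ff:ff"


class VlanSwitch:
    def __init__(self, port_vlans, mirror=None):
        self.port_vlans = dict(port_vlans)   # port number -> VLAN id
        self.mirror = dict(mirror or {})     # monitored port -> monitoring port
        self.mac_table = {}                  # (vlan, mac) -> port

    def _flood(self, ingress, vlan):
        """All ports in the same VLAN except the one the frame came in on."""
        return [p for p, v in self.port_vlans.items() if v == vlan and p != ingress]

    def receive(self, ingress, src_mac, dst_mac):
        """Return the sorted list of ports the frame is delivered to."""
        vlan = self.port_vlans[ingress]
        # Learn the source within this VLAN only.
        self.mac_table[(vlan, src_mac)] = ingress
        if dst_mac == BROADCAST:
            egress = self._flood(ingress, vlan)
        else:
            known = self.mac_table.get((vlan, dst_mac))
            if known is None:
                egress = self._flood(ingress, vlan)   # unknown unicast
            elif known == ingress:
                egress = []                           # filtering: same port
            else:
                egress = [known]
        # Port mirroring: the monitoring port gets a copy regardless of VLAN.
        if ingress in self.mirror:
            egress.append(self.mirror[ingress])
        return sorted(egress)


def demo():
    """Ports 1-2 are VLAN 2, ports 3-4 are VLAN 3, port 12 monitors port 1."""
    sw = VlanSwitch({1: 2, 2: 2, 3: 3, 4: 3, 12: 1}, mirror={1: 12})
    results = {
        "A_broadcast": sw.receive(1, MAC_A, BROADCAST),  # [2, 12]
        "B_to_A": sw.receive(2, MAC_B, MAC_A),           # [1]
        "C_to_A": sw.receive(3, MAC_C, MAC_A),           # [4]: flooded in VLAN 3 only
        "D_to_C": sw.receive(4, MAC_D, MAC_C),           # [3]
    }
    return sw, results


if __name__ == "__main__":
    _, out = demo()
    for name, ports in out.items():
        print(f"{name}: delivered to ports {ports}")
```

The A-to-broadcast frame reaches port 2 (Computer B) and the monitoring port 12 only; C's frame addressed to A's MAC is flooded to port 4 (Computer D) and never crosses into VLAN 2, and A's MAC is never learned in VLAN 3, so no later frame from C or D can reach it without a router.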
