2
© 2002, Cisco Systems, Inc. All rights reserved.
Monitoring network performance with SPAN &VSPAN
3
© 2002, Cisco Systems, Inc. All rights reserved.
Monitoring Network Performance with RSPAN
4
© 2002, Cisco Systems, Inc. All rights reserved.
Modules for Improving network performance
5
© 2002, Cisco Systems, Inc. All rights reserved.
The Network Analysis Module
6
© 2002, Cisco Systems, Inc. All rights reserved.
The Switch Fabric Module
7
© 2002, Cisco Systems, Inc. All rights reserved.
Basic security
8
© 2002, Cisco Systems, Inc. All rights reserved.
Basic security
9
© 2002, Cisco Systems, Inc. All rights reserved.
Controlling management traffic
VLANs
Management traffic should have its own VLAN (I.e. the management
VLAN defined in the switch / router should not be shared with user
traffic)
Access Control Lists (ACLs)
Standard or extended access lists can be used to limit which hosts can
source sessions to VTY lines
Web interface
Enabled using ip http server
ip http port port-number can be used to change the TCP port
on which the switch / router listens for browser requests (default 80)
ip http access-class ACL-number can be used to bind a
standard access list to the http server process, limiting which hosts can
source sessions to the web management interface.
11
© 2002, Cisco Systems, Inc. All rights reserved.
Encrypting communications using Secure SHell
12
© 2002, Cisco Systems, Inc. All rights reserved.
Controlling user traffic
13
© 2002, Cisco Systems, Inc. All rights reserved.
Controlling user traffic
15
© 2002, Cisco Systems, Inc. All rights reserved.
802.1x port-based authentication
16
© 2002, Cisco Systems, Inc. All rights reserved.
17
© 2002, Cisco Systems, Inc. All rights reserved.