Cisco Router and Security Device Manager (SDM) is a Web-based device-management tool for Cisco routers that can improve the productivity of network managers, simplify router deployments, and help troubleshoot complex network and VPN connectivity issues. Network and security administrators and channel partners can use Cisco SDM for faster and easier deployment of Cisco routers for integrated services such as dynamic routing, WAN access, WLAN, firewall, VPN, SSL VPN, IPS, and QoS. Cisco SDM provides a series of easy-to-use wizards that quickly take you step by step through configuring your router, without requiring knowledge of the Cisco IOS software CLI.

Introduced in the Cisco IOS Release 12.2(15), Gateway Load Balancing Protocol (GLBP) is supported by Cisco 1700, 2600, 3620, 3631, 3640, 3660, 3725, 3745, 7100, 7200, 7400, 7500 series. GLBP is a Cisco proprietary protocol that attempts to overcome the limitations of existing redundant router protocols (HSRP, VRRP, …) by adding basic load balancing functionality. GLBP provides load balancing over multiple routers (gateways) using a single virtual IP address and multiple virtual MAC addresses. Each host is configured with the same virtual IP address, and all routers in the virtual router group participate in forwarding packets. GLBP members communicate between [...]

The Hot Standby Router Protocol (HSRP) is a Cisco proprietary first-hop redundancy protocol (FHRP) designed to allow for transparent fail-over of the first-hop IP router, and has been described in detail in RFC 2281. HSRP provides high network availability by providing first-hop routing redundancy for IP hosts on Ethernet, Fiber Distributed Data Interface (FDDI), Bridge-Group Virtual Interface (BVI), LAN Emulation (LANE), or Token Ring networks configured with a default gateway IP address. HSRP is used in a group of routers for selecting an active router and a standby router. In a group of router interfaces, the active router is the [...]

Cisco IOS permits to define multiple privilege levels for different accounts. This could be useful when many people work on the same router / switch, but with different roles (operator, tecnhician, network manager) and there is no time to implement an authentication server. There are 16 different privilege levels that can be used. Level 0 is user mode. Level 15 is the privileged mode. Level 1 through 14 are available for customization and use.

There are some “standards” steps used for basic configuration on your Cisco router/switch: Define the hostname Assign the privileged level Secure console port Secure VTY lines Encrypt the passwords

Usually when we admin a network, we need to know what are the protocols used more frequently, and why not, discover if someone are using improper P2P software; so we can use SPAN. The Switched Port Analyzer (SPAN) feature, which is sometimes called port mirroring or port monitoring, selects network traffic for analysis by a network analyzer. For example, if you want to capture Ethernet traffic that is sent between host A and host B, you must implement SPAN feature. In this diagram, the sniffer is attached to a port (destination SPAN port) that is configured to receive a copy of [...]

The configuration register can be used to change router behavior in several ways, such as: how the router boots (into ROMmon, NetBoot) options while booting (ignore configuration, disable boot messages) console speed (baud rate for a terminal emulation session) To view the current setting of the configuration register, use the show version command:

Due to the number of CLI commands needed to manually disable services in an attempt to make the router more secure, Cisco introduced the AutoSecure feature from the Major Release 12.3 and subsequent 12.3 T. AutoSecure is a good command for customers without special Security Operations Applications because it allows them to quickly secure their network without thorough knowledge of all the Cisco IOS features. The command is available for the Cisco 800, 1700, 2600, 3600, 3700, 7200, and 7500 Series Routers. There are 2 mode: Interactive mode: prompts the user with options to enable and disable services and other [...]