28
2008
Security Device Manager aka SDM
Cisco Router and Security Device Manager (SDM) is a Web-based device-management tool for Cisco routers that can improve the productivity of network managers, simplify router deployments, and help troubleshoot complex network and VPN connectivity issues. Network and security administrators and channel partners can use Cisco SDM for faster and easier deployment of Cisco routers for integrated services such as dynamic routing, WAN access, WLAN, firewall, VPN, SSL VPN, IPS, and QoS. Cisco SDM provides a series of easy-to-use wizards that quickly take you step by step through configuring your router, without requiring knowledge of the Cisco IOS software CLI.
18
2008
Configuring redundancy with GLBP
Introduced in the Cisco IOS Release 12.2(15), Gateway Load Balancing Protocol (GLBP) is supported by Cisco 1700, 2600, 3620, 3631, 3640, 3660, 3725, 3745, 7100, 7200, 7400, 7500 series. GLBP is a Cisco proprietary protocol that attempts to overcome the limitations of existing redundant router protocols (HSRP, VRRP, …) by adding basic load balancing functionality. GLBP provides load balancing over multiple routers (gateways) using a single virtual IP address and multiple virtual MAC addresses. Each host is configured with the same virtual IP address, and all routers in the virtual router group participate in forwarding packets. GLBP members communicate between [...]
29
2008
Implementing High Availability with HSRP
The Hot Standby Router Protocol (HSRP) is a Cisco proprietary first-hop redundancy protocol (FHRP) designed to allow for transparent fail-over of the first-hop IP router, and has been described in detail in RFC 2281. HSRP provides high network availability by providing first-hop routing redundancy for IP hosts on Ethernet, Fiber Distributed Data Interface (FDDI), Bridge-Group Virtual Interface (BVI), LAN Emulation (LANE), or Token Ring networks configured with a default gateway IP address. HSRP is used in a group of routers for selecting an active router and a standby router. In a group of router interfaces, the active router is the [...]
23
2008
Multiple privilege levels
Cisco IOS lets you define multiple privilege levels for different accounts. This is useful when many people work on the same router or switch in different roles (operator, technician, network manager) and there is no time to implement an authentication server. There are 16 different privilege levels that can be used. Level 0 is user mode. Level 15 is the privileged mode. Levels 1 through 14 are available for customization and use.
10
2008
Cisco basic configuration
There are some "standard" steps used for the basic configuration of your Cisco router/switch:
- Define the hostname
- Assign the privileged level
- Secure console port
- Secure VTY lines
- Encrypt the passwords
29
2008
How to analyze traffic with SPAN feature
When we administer a network, we usually need to know which protocols are used most frequently and, why not, discover whether someone is using improper P2P software; for this we can use SPAN. The Switched Port Analyzer (SPAN) feature, which is sometimes called port mirroring or port monitoring, selects network traffic for analysis by a network analyzer. For example, if you want to capture Ethernet traffic that is sent between host A and host B, you must implement the SPAN feature. In this diagram, the sniffer is attached to a port (destination SPAN port) that is configured to receive a copy of [...]
23
2008
The configuration register
The configuration register can be used to change router behavior in several ways, such as:
- how the router boots (into ROMmon, NetBoot)
- options while booting (ignore configuration, disable boot messages)
- console speed (baud rate for a terminal emulation session)

To view the current setting of the configuration register, use the show version command:
13
2008
Using AutoSecure to secure a router
Because of the number of CLI commands needed to manually disable services when hardening a router, Cisco introduced the AutoSecure feature from the Major Release 12.3 and subsequent 12.3 T. AutoSecure is a good command for customers without special Security Operations Applications because it allows them to quickly secure their network without thorough knowledge of all the Cisco IOS features. The command is available for the Cisco 800, 1700, 2600, 3600, 3700, 7200, and 7500 Series Routers. There are 2 modes: Interactive mode: prompts the user with options to enable and disable services and other [...]