This module begins with a discussion of best practices for Layer 2 security.
The student will be introduced to multiple physical network scenarios and given
vulnerabilities and mitigation techniques for each.
The SDM Security Audit feature is discussed next. SDM contains a unique
Security Audit wizard
that provides a comprehensive Router Security Audit. SDM uses Cisco Technical
Assistance Center (TAC) and International Computer Security Association (ICSA)
recommended security configurations as the basis for comparisons and default
settings.
The enterprise management of VPNs will also be discussed.
Management is one of the greatest challenges in the implementation of
large-scale site-to-site and remote access VPNs. The primary role of the
Management Center for VPN Routers (Router MC) is to manage site-to-site VPNs.
The key topics necessary to understand VPNs will be explored. A firm
understanding of how Router MC operates will help to better manage large-scale
VPNs.
Finally, the student will also learn about the Simple Network Management
Protocol (SNMP). SNMP enables network administrators to manage network
performance, find and solve network problems, and plan for network growth. SNMP
is often used to gather statistics and remotely monitor network infrastructure
devices. It is a very simple protocol and therefore has virtually no
security built into its original version. However, when used properly, the
information-gathering capabilities of SNMP can effectively assist the
administrator with security.
NOTE:
It is required that the student study the commands covered in the
chapter using the labs and the Command Reference. Not all required commands are
covered in sufficient detail in the text alone. Successful completion of this
course requires a thorough knowledge of command syntax and application.