Spanning Tree Protocol Flashcard
This informational report will explain and guide you through the process and plan that will be implemented to prevent any unauthorized equipment (including external rogue switches) from entering the network. In addition, we will be implementing the spanning tree protocol to eliminate any layer 2 loops, which would otherwise ultimately cause a network storm.
First I'd like to begin by going into detail about VTP (VLAN Trunking Protocol) and IEEE 802.1Q trunking. I will initially enable all the VLANs on the one switch designated as the VTP server, and then configure 802.1Q trunking between the switches, allowing all the VLANs on that trunk. All the other switches will be configured as clients so the network topology will be pushed out from the VTP server. VTP transparent mode is strictly going to be used for administrative purposes, only allowing that switch to pass updates/information on to the next switch. The commands for enabling trunking and for setting the VTP domain and mode are shown below.
Trunking mode
Switch(config)#int fa0/1
Switch(config-if)#switchport trunk encap dot1q
Switch(config-if)#switchport mode trunk
Switch(config-if)#switchport trunk allowed vlan 1-99
Trunking protocol
Switch(config)#vtp domain devrynet
Switch(config)#vtp mode server (client/transparent depending on switch and location)
To ensure the network stays secured to the point where no one or no device can alter the current configuration we are going to implement a few things. First we will password protect the local and terminal access on the five VTY ports on the switches (see below for the commands). Next we will enable switch port security which will disable a port if more than one MAC address is detected as being connected to that port. We will also re...
... middle of paper ...
...ne elect a root bridge, two elect root ports, and three elect designated and non-designated ports. The mode of STP that will be used is called Rapid Spanning Tree Protocol (RSTP) mode. This mode will allow the switches to hold an election process based on each switch's Bridge ID (BID). With the root bridge you will have the root ports to the root bridge (the fastest port connected to the root bridge). Every switch has a designated (primary) and non-designated (secondary) path to the network bridge or root device. The spanning tree protocol algorithm will establish a designated and non-designated link based on cost. Cost is measured by how fast the connection is between the two switches: the faster the link speed, the lower the number, and the lowest number wins the designated link. To enable this mode the commands used will be in privileged mode (see below).
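The three election steps described above, worked through as an added example that is not part of the original essay. The switch names, MAC addresses and link speeds are constructed, the costs are the classic IEEE 802.1D short path costs, and one link per switch pair is assumed, so the port-ID tie-break is not modelled.

```python
import heapq

# Classic IEEE 802.1D "short" path costs, keyed by link speed in Mb/s.
SHORT_COST = {10: 100, 100: 19, 1000: 4, 10000: 2}

# Constructed sample data: name -> BID as (priority, MAC); 32768 is the default.
SWITCHES = {
    "SW1": (32768, "00:1b:54:aa:00:30"),
    "SW2": (32768, "00:1b:54:aa:00:10"),
    "SW3": (32768, "00:1b:54:aa:00:20"),
}
LINKS = [("SW1", "SW2", 1000), ("SW2", "SW3", 100), ("SW1", "SW3", 1000)]

def elect_root(switches):
    """Step 1: lowest BID wins, comparing priority first and then MAC."""
    return min(switches, key=lambda name: switches[name])

def root_path_costs(root, links):
    """Cheapest cumulative cost from every switch to the root (Dijkstra)."""
    adj = {}
    for a, b, speed in links:
        adj.setdefault(a, []).append((b, SHORT_COST[speed]))
        adj.setdefault(b, []).append((a, SHORT_COST[speed]))
    cost, heap = {root: 0}, [(0, root)]
    while heap:
        c, node = heapq.heappop(heap)
        for nbr, w in adj[node]:
            if c + w < cost.get(nbr, float("inf")):
                cost[nbr] = c + w
                heapq.heappush(heap, (c + w, nbr))
    return cost

def port_roles(switches, links):
    """Return (root, roles); roles[(sw, nbr)] is the role of sw's port facing nbr."""
    root = elect_root(switches)
    cost = root_path_costs(root, links)
    best = {}  # Step 2: per switch, (cost via neighbour, neighbour BID, neighbour)
    for a, b, speed in links:
        for sw, nbr in ((a, b), (b, a)):
            cand = (cost[nbr] + SHORT_COST[speed], switches[nbr], nbr)
            if sw != root and cand < best.get(sw, (float("inf"),)):
                best[sw] = cand
    roles = {}
    for a, b, _ in links:  # Step 3: lower (root path cost, BID) is designated
        des = min((a, b), key=lambda s: (cost[s], switches[s]))
        other = b if des == a else a
        roles[(des, other)] = "designated"
        roles[(other, des)] = "root" if best[other][2] == des else "non-designated"
    return root, roles
```

With every priority left at the default, the lowest MAC address decides the root (SW2 here); giving the intended root a lower priority, for example `dict(SWITCHES, SW1=(4096, "00:1b:54:aa:00:30"))`, makes the outcome deliberate rather than accidental.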
Switches use ports and send information to a physical device address via these ports. They only send information to the particular computer that has the specific address and not to all of the computers.
In this topology, all nodes are connected to a central device, usually a hub or a switch. Each connected device has a dedicated, point-to-point connection between the device and the hub. The star network topology is by far the most widely implemented topology in use today.
Roberts, Richard M. "Network Security." Networking Fundamentals. 2nd ed. Tinley Park, IL: Goodheart-Willcox, 2005. 599-639. Print.
The screened host firewall is a more flexible firewall than the dual-homed gateway firewall; however, the flexibility is achieved with some cost to security. The screened host firewall is often appropriate for sites that need more flexibility than that provided by the dual-homed gateway firewall.
2. Once you have segregated the POS network, you need to apply rules on the networking device responsible for the
When it comes to protecting an infrastructure, careful planning and coordination need to take place. Protecting an infrastructure takes an important security initiative called Critical Infrastructure Protection (CIP). The United States' critical infrastructure is protected by the Department of Homeland Security.
ABSTRACT: This paper describes the basic threats to network security and the basic issues of interest in designing a secure network. It describes the important aspects of network security. A secure network is one which is free of unauthorized entries and hackers. INTRODUCTION
Spanning tree protocol is a protocol that prevents unwanted loops in a network. For a network to work properly, it has to have only one active path between two network stations. If there are multiple active paths between stations, loops can and will occur. When loops occur, there can sometimes be duplicate messages in the network. The loops are created by the network, and if the devices that connect the network segments are all configured to forward, they will continuously forward frames into an endless network loop. If there are enough loops going, then a frame will not reach its destination. Duplicate messages occur because switches sometimes see stations appear on both sides of them. When this occurs, spanning tree protocol comes in. To shut down the loops, bridges and switches exchange BPDU messages with other bridges and switches to detect loops and then remove them by shutting down selected bridge interfaces. BPDU is short for bridge protocol data unit. Bridge protocol data units are part of the spanning tree protocol, and they help describe and identify the parts of a switch port. The bridge protocol data unit allows switches to obtain information about each other. All the switches gather information from each other by exchanging data messages. In order to exchange messages, they have to elect a root switch for the topology. The root switch has to be unique. In the election, there has to be a unique switch for every local area network segment. To exchange messages, they have to remove all loops by putting them in a backup state. There are five different states. Two of the five states do not participate in frame forwarding. Frame forwarding is what the three main states do. The three main states are listening, learning, and forwarding. The other two are the blocking state and the disabled state.
When you enable the spanning tree protocol the network goes through the blocking state and then the listening state and learning state are enabled after being turned on. If the protocol is properly configured the ports are stabilized to the forwarding or blocking state. The blocking state does not participate in the frame forwarding. It removes frames that are received from the attached segment. It also discards frames from another port for forwarding.
Wi-Fi facilitates ease of use and is getting increasingly popular with homes and businesses. Multiple Wi-Fi Access Points can be located in a given area. Wi-Fi security issues continue to be a problem, as the number of Access Points grows.
Security for the network will be provided by a network based packet filtering firewall, proxy server and a Wi-Fi Protected Access 2 (WPA2) passphrase. I would also suggest not broadcasting the Service Set Identifier (SSID) and to set up the router to filter the Media Access Control (MAC) addresses so that devices that have their MAC addresses registered will be allowed access to the wireless network (Dean, 2013, p. 357). I would restrict access to the proxy, file and print servers by locking them in a secure climate controlled closet. Access would be controlled by a key card that would be held by the network administrator.
It has been demonstrated that a number of interoperable systems must be implemented to fully protect a network, a strategy known as Defense in Depth. Due to the multitude of security devices and device categories available, it can be very difficult to identify the correct tools for meeting security goals. Using the Defense in Depth strategy will require an understanding of the interactions between devices occurring within the network.
The human factor of physical security consists of the people who own the property being protected, the people who work at the property or those that visit the property/protected area, and the security personnel guarding the property.
Networks in organisations are dynamic and complex entities which can be quite challenging to configure and manage (Kim & Feamster 2013). These corporate networks consist of multiple routers, switches, firewalls and middleboxes, and a particular advantage of network management is the ability to monitor the entire business network. As all the devices are interconnected with many events occurring simultaneously, problems with one device can eventually lead and spread throughout...
A critical part of network planning involves setting up of security mechanisms. Deploying the network with security configuration provides superior visibility, continuous control and advanced threat protection across the extended network. Additionally, security procedures define policies to monitor the network for securing critical data, obtain visibility, mitigate threats, identify and correlate discrepancies.