From: Ronald Ramzy (ronald.ramzy@gmail.com)
Date: Wed Mar 04 2009 - 04:06:16 ARST
Thanks.
I was looking for a switch security document similar to Router-Hardening
document from cisco.
If you can help with that.
Cheers
On Tue, Mar 3, 2009 at 5:47 PM, Pavel Bykov <slidersv@gmail.com> wrote:
> 1. If you can define criteria, use ingress policing. If you can't, use
> egress shaping on every port connected to those three routers. Check out
> 2960 in DOCCD for guides to configuring QoS.
> 2. Yes, BUT use ACL and access-class, strong passwords, and preferably SSH.
> 3. Many many different ones. Start with turning off HTTP server, setup
> strong passwords, use at least local database and AAA, setup logging, setup
> login retries, timeouts and blocks, banners...
> There is a whole training for that: Securing Cisco IOS
>
>
>
> On Tue, Mar 3, 2009 at 9:56 AM, Ronald Ramzy <ronald.ramzy@gmail.com>wrote:
>
>> Hi,
>>
>> I need security recommendation on my scenario.
>>
>> 2MB Internet link is terminated on a Cisco 2960 switch and three routers
>> are
>> connected from it going to different departments.
>>
>>
>> - how can i configure the switch to provide bandwidth as 512KB / 1MB /
>> 512KB going to routers. ( r1 / r2 / r3 )
>> - is it safe to connect the switch to network to see Bandwidth utization
>> of the link.
>> - wht security configuration is required to secure the switch
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>>
>>
>>
>>
>>
>>
>
>
> --
> Pavel Bykov
> ----------------
> Don't forget to help stopping the braindumps, use of which reduces value of
> your certifications. Sign the petition at http://www.stopbraindumps.com/
Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Mon Apr 06 2009 - 06:44:04 ART