Friday, 21 March 2014

Understanding Switch Security

Once physical access has been secured, there is a growing need to ensure that access to the switch ports is secure for any EXEC session connection, mainly by securing the console port (CON) and the Telnet ports (VTY). In addition, an administrator will assign a permanent address to the various ports. To keep the switch ports from becoming security holes, the sections below describe how to mitigate hardware, environmental, electrical and maintenance-related security threats to Cisco IOS devices.

Physical and Environmental Threats:

Improper or incomplete installation of software or devices is a security threat, and if the mistake is left uncorrected the results can be dire. The threat applies to all kinds of devices and server configurations. Because of a poor installation, data may become unrecoverable and a huge loss may occur.
Beyond insecure configuration settings, there are four classes of insecure installation or physical access threats:

Hardware threats: Physical damage to the switch or the switch hardware.
Environmental threats: Temperature extremes (too hot or too cold) or humidity extremes (too wet or too dry).
Electrical threats: Breaks in power supply, insufficient supply voltage, voltage spikes, unconditioned power, and total power loss.
Maintenance threats: Poor maintenance of electronic components, poor cabling, poor labelling, and a lack of critical spare parts.

Configuring Password Security:

The command-line interface (CLI) is used to configure passwords for the console and the other access lines. The following examples show the configuration of a switch.

Example 1: Switch Password Configuration: Virtual Terminal (Telnet) Password Configuration

SwitchX(config)# line vty 0 4
SwitchX(config-line)# login
SwitchX(config-line)# password india

Example 2: Switch Password Configuration: Console Password Configuration

SwitchX(config)# line console 0
SwitchX(config-line)# login
SwitchX(config-line)# password india

Example 3: Switch Password Configuration: Secret Password Configuration

SwitchX(config)# enable secret sanfran

Example 4: Switch Password Configuration: Enable Password Configuration

SwitchX(config)# enable password india

Note: The passwords shown are for example purposes only; in real use they should be stronger and more complex.

The login local command enables password checking on a per-user basis, using the username and password specified with the username global configuration command. The username command establishes username authentication with encrypted passwords.
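The following check is an added example, not part of the original post: it audits a switch configuration for the settings discussed above (enable password without enable secret, clear-text line passwords, and lines that use login rather than login local). The sample configuration, the function names and the finding texts are constructed for illustration.

```python
import re

# Constructed sample running-config for illustration; not from a real device.
SAMPLE_CONFIG = """\
enable password india
username admin secret 5 CONSTRUCTED-HASH-PLACEHOLDER
line con 0
 password india
 login
line vty 0 4
 password 7 CONSTRUCTED-TYPE7-PLACEHOLDER
 login
line vty 5 15
 login local
"""

def parse_config(config):  # -> (global commands, {line block: its commands})
    global_cmds, blocks, current = [], {}, None
    for raw in config.splitlines():
        cmd = raw.strip()
        if raw.startswith("line "):
            current = cmd
            blocks[current] = []
        elif raw.startswith(" ") and current:
            blocks[current].append(cmd)
        elif cmd and cmd != "!":
            current = None
            global_cmds.append(cmd)
    return global_cmds, blocks

def audit(config):
    """Return (location, finding) tuples for weak password settings."""
    global_cmds, blocks = parse_config(config)
    findings = []
    enable = [c.split()[1] for c in global_cmds if c.startswith("enable ")]
    if "password" in enable and "secret" not in enable:
        findings.append(("global", "enable password without enable secret"))
    for name, cmds in blocks.items():
        # A password with no leading type digit is stored as typed (clear text).
        if any(re.fullmatch(r"password (?!\d )\S+", c) for c in cmds):
            findings.append((name, "clear-text line password"))
        # Plain 'login' checks one shared line password; 'login local' is per user.
        if "login" in cmds:
            findings.append((name, "shared password (login), not per-user (login local)"))
    return findings

if __name__ == "__main__":
    for location, finding in audit(SAMPLE_CONFIG):
        print(f"{location}: {finding}")
```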

The maximum size of the MAC address table varies from switch to switch. For example, the Catalyst 2690 series switch can store up to 8192 MAC addresses, whereas less sophisticated switches do not support that many MAC addresses.

Data Communications Process

Communication on a network originates at a source, and the data is sent to a destination. A networking protocol uses all or some of the OSI layers to move the data between the layers. Recall that Layer 1 is the part of the protocol that communicates with the media, and at the other end Layer 7 is the part of the protocol that communicates with applications. It is because of these layers that a data frame can travel through computer networks and the devices connected to them.

Passing data through the network from one device to another is accomplished by passing the information from the application down the protocol stack, where an appropriate header is added at each layer of the model. This process of adding headers down the stack is called encapsulation. When encapsulation is complete and the data has been passed through the network, the receiving device removes the headers, using the information in each header as directions for passing the data up to the appropriate application.

Data encapsulation is one of the important concepts in networking. It depends on the corresponding layers on each device, called peer layers, which communicate critical parameters such as control information and addressing.

Although many think of it as an abstract concept, encapsulation is quite simple and can be explained with an everyday example. Suppose a mug has to be transported to a friend in another place. You can send it by road, rail or air, but not by throwing the mug and expecting it to reach your friend; you need a proper service to do the work. The process is shown below.

Step 1: Pack the mug in a box.
Step 2: Write an address on the box so that the transporter knows where to deliver it.
Step 3: Give the box to a parcel carrier.
Step 4: The package is transferred to its final destination.

Data is transferred from one point to another through the network in the same manner. After the package has been delivered to the person concerned, your friend reverses the process. The reverse of encapsulation is known as de-encapsulation.
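The encapsulation and de-encapsulation steps described above, as an added example that is not part of the original post. It assumes UDP, IPv4 and Ethernet II as the concrete headers (the text names no specific protocols), uses constructed addresses and ports, and has the receiver validate each header's length fields before trusting them.

```python
import socket
import struct

def checksum(header):
    """Internet checksum (RFC 1071) over an even-length header."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def encapsulate(payload, src_mac, dst_mac, src_ip, dst_ip, sport, dport):
    """Wrap application data in UDP, IPv4 and Ethernet II headers, top down."""
    # Layer 4: UDP header (checksum 0 means "not computed", valid over IPv4).
    udp = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload
    # Layer 3: IPv4 header, TTL 64, protocol 17 (UDP); checksum filled in after.
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    ip = ip[:10] + struct.pack("!H", checksum(ip)) + ip[12:]
    # Layer 2: Ethernet II header, EtherType 0x0800 (IPv4).
    return dst_mac + src_mac + struct.pack("!H", 0x0800) + ip + udp

def de_encapsulate(frame):
    """Strip the headers bottom up, using each one to find the next layer."""
    if len(frame) < 14 + 20 + 8:
        raise ValueError("frame too short")
    if struct.unpack("!H", frame[12:14])[0] != 0x0800:
        raise ValueError("not IPv4")
    packet = frame[14:]
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or ihl > len(packet) or checksum(packet[:ihl]) != 0:
        raise ValueError("bad IPv4 header")
    total_len = struct.unpack("!H", packet[2:4])[0]
    if packet[9] != 17 or not ihl + 8 <= total_len <= len(packet):
        raise ValueError("not UDP or truncated packet")
    sport, dport, udp_len, _ = struct.unpack("!HHHH", packet[ihl:ihl + 8])
    if udp_len < 8 or ihl + udp_len > total_len:
        raise ValueError("bad UDP length")
    return {"src_ip": socket.inet_ntoa(packet[12:16]),
            "dst_ip": socket.inet_ntoa(packet[16:20]),
            "dport": dport, "payload": packet[ihl + 8:ihl + udp_len]}

# Constructed sample values: documentation IPs and locally administered MACs.
FRAME = encapsulate(b"mug", bytes.fromhex("020000000001"),
                    bytes.fromhex("020000000002"), "192.0.2.1", "192.0.2.2",
                    40000, 9999)

if __name__ == "__main__":
    print(len(FRAME), de_encapsulate(FRAME))
```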