Category: Security
Configuration Example, Security, Switching
Layer 2 security
I attended the session layer 2 security, because I had some discussions about layer 2 security with one of my colleagues. We were discussing about using layer 2 security and especially implementing it in the environments from our customers. Looking at my/our customers, I don’t see environments where layer 2 threats would be immediate. But … Read More
Wired 802.1X
The session about wired 802.1X deployment was really interesting. I was stunned about the information I already knew after my testing with MAC Authentication Bypass last week. Of course the speaker had more configuration options when configuring the switch ports. Important for me to hear where the ways for deploying 802.1X in environments. It isn’t … Read More
Cisco IOS Security
The first session I attended is about Deploying IOS Security. The session is about using the Cisco IOS as firewall to protect branch offices. We discussed normal classic firewalling and zone-based firewalling. I normally use classing firewalling, but I guess I have to try zone-based firewalling in the future. The advantage of zone-based firewalling is … Read More
Configuration Example, Security
MAC Authentication Bypass – Continued
Finally I had a day “off” and could test MAC Authentication Bypass (MAB) in our test environment at the office. I created the following test environment: There are 4 different VLAN’s and a Cisco Catalyst 3750 connects the VLAN’s to each other. I wanted to create an environment with the following properties: All switch ports … Read More
ID Control
Ictivity received via via an e-mail about strong authentication products from ID Control. Strong authentication is authentication were you need multiple factors (what you have, what you know, what you are) to actual authenticate to a system, network or something else. We, as Connectivity Consultant, were asked to look at the different products and start … Read More
Configuration Example, Security
MAC Authentication Bypass
NAC (for Cisco – Network Admission Control) or NAP (for Microsoft – Network Access Protection) in conjunction with 802.1x will be standard for authenticating network components and allowing them access to the network. At least in the future. Currently their aren’t a lot of companies how are using NAC in the network. Techworld released an … Read More