Implementing Cisco IP Switched Networks (SWITCH) Foundation Learning Guide: Foundation learning for SWITCH 642-813

Overview

Implementing Cisco IP Switched Networks (SWITCH) Foundation Learning Guide: Foundation learning for SWITCH 642-813

Richard Froom, CCIE No. 5102

Balaji Sivasubramanian

Erum Frahim, CCIE No. 7549

Implementing Cisco IP Switched Networks (SWITCH) Foundation Learning Guide is a Cisco® authorized learning tool for CCNP® and CCDP® preparation. As part of the Cisco Press foundation learning series, this book covers how to plan, configure, and verify the implementation of complex enterprise switching solutions using the Cisco Campus Enterprise Architecture. The Foundation Learning Guide also covers secure integration of VLANs, WLANs, voice, and video into campus networks.

Each chapter opens with the list of topics covered to clearly identify the focus of that chapter. At the end of each chapter, a summary and review questions provide you with an opportunity to assess and reinforce your understanding of the material. Throughout the book detailed explanations with commands, configurations, and diagrams serve to illuminate theoretical concepts.

Implementing Cisco IP Switched Networks (SWITCH) Foundation Learning Guide is ideal for certification candidates who are seeking a tool to learn all the topics covered in the SWITCH 642-813 exam.

- Serves as the official book for the Cisco Networking Academy CCNP SWITCH course

- Provides a thorough presentation of the fundamentals of multilayer switched network design

- Explains the implementation of the design features such as VLAN, Spanning Tree, and inter-VLAN routing in the multilayer switched environment

- Explains how to implement high-availability technologies and techniques

- Covers security features in a switched network

- Presents self-assessment review questions, chapter topics, summaries, command syntax explanations, network diagrams, and configuration examples to facilitate effective studying

This book is in the Foundation Learning Guide Series. These guides are developed together with Cisco® as the only authorized, self-paced learning tools that help networking professionals build their understanding of networking concepts and prepare for Cisco certification exams.

Product Details

  • ISBN-13: 9781587058844
  • Publisher: Cisco Press
  • Publication date: 7/9/2010
  • Series: Self-Study Guide Series
  • Pages: 526
  • Sales rank: 824,908
  • Product dimensions: 7.30 (w) x 9.20 (h) x 1.30 (d)

Meet the Author

Richard E. Froom, CCIE No. 5102, attended Clemson University where he majored in computer engineering. While attending Clemson, Richard held positions at different times for the university network team, IBM, and Scientific Research Corporation. After graduation, Richard joined Cisco. Richard’s first role within Cisco was as a TAC engineer supporting Cisco Catalyst switches. After several years in the TAC, Richard moved into a testing role supporting Cisco MDS and SAN technologies. In 2009, Richard moved into the Enhanced Customer Aligned Testing Services (ECATS) organization within Cisco as a test manager of a team focused on testing customer deployments of UCS and Nexus.

Balaji Sivasubramanian is a product line manager in the Cloud Services and Switching Technology Group focusing on upcoming products in the cloud services and Data Center virtualization area. Before this role, Balaji was a senior product manager for the Catalyst 6500 switches product line, where he successfully launched the Virtual Switching System (VSS) technology worldwide. He started his Cisco career in Cisco Technical Assistant Center working in the LAN switching products and technologies. Balaji has been a speaker at various industry events such as Cisco Live and VMworld. Balaji has a Master of Science degree in computer engineering from the University of Arizona and a Bachelor of Engineering degree in electrical and electronics from the College of Engineering, Guindy, Anna University (India).

Erum Frahim, CCIE No. 7549, is a technical leader working for Enhanced Customer Aligned Testing Services (ECATS) at Cisco. In her current role, Erum is leading efforts to test Datacenter solutions for several Cisco high-profile customers. Prior to this, Erum managed the Nexus platform escalation group and served as a team lead for Datacenter SAN Test lab under the Cisco Datacenter Business Unit. Erum joined Cisco in 2000 as a technical support engineer. Erum has a Master of Science degree in electrical engineering from Illinois Institute of Technology and also holds a Bachelor of Engineering degree from NED University, Karachi, Pakistan. Erum also authors articles in Certification Magazine and Cisco.com.

Table of Contents

Chapter 1 Analyzing the Cisco Enterprise Campus Architecture

Introduction to Enterprise Campus Network Design 2

Regulatory Standards Driving Enterprise Architectures 4

Campus Designs 5

Legacy Campus Designs 5

Hierarchical Models for Campus Design 6

Impact of Multilayer Switches on Network Design 7

Ethernet Switching Review 7

Layer 2 Switching 8

Layer 3 Switching 10

Layer 4 and Layer 7 Switching 11

Layer 2 Switching In-Depth 12

Layer 3 Switching In-Depth 12

Understanding Multilayer Switching 14

Introduction to Cisco Switches 15

Cisco Catalyst 6500 Family of Switches 15

Cisco Catalyst 4500 Family of Switches 15

Cisco Catalyst 4948G, 3750, and 3560 Family of Switches 16

Cisco Catalyst 2000 Family of Switches 16

Nexus 7000 Family of Switches 16

Nexus 5000 and 2000 Family of Switches 17

Hardware and Software-Switching Terminology 17

Campus Network Traffic Types 18

Peer-to-Peer Applications 21

Client/Server Applications 21

Client-Enterprise Edge Applications 23

Overview of the SONA and Borderless Networks 25

Enterprise Campus Design 27

Access Layer In-Depth 29

Distribution Layer 29

Core Layer 31

The Need for a Core Layer 32

Campus Core Layer as the Enterprise Network Backbone 33

Small Campus Network Example 33

Medium Campus Network Example 34

Large Campus Network Design 34

Data Center Infrastructure 35

PPDIOO Lifecycle Approach to Network Design and Implementation 37

PPDIOO Phases 37

Benefits of a Lifecycle Approach 38

Planning a Network Implementation 39

Implementation Components 40

Summary Implementation Plan 40

Detailed Implementation Plan 42

Summary 43

Review Questions 43

Chapter 2 Implementing VLANs in Campus Networks 51

Implementing VLAN Technologies in a Campus Network 52

VLAN Segmentation Model 53

End-to-End VLAN 54

Local VLAN 55

Comparison of End-to-End VLANs and Local VLANs 56

Mapping VLANs to a Hierarchical Network 57

Planning VLAN Implementation 58

Best Practices for VLAN Design 59

Configuring VLANs 60

VLAN Ranges 60

Verifying the VLAN Configuration 63

Troubleshooting VLANs 67

Troubleshooting Slow Throughput 67

Troubleshooting Communication Issues 68

Implementing Trunking in Cisco Campus Network 68

Trunking Protocols 69

Understanding Native VLAN in 802.1Q Trunking 71

Understanding DTP 72

Cisco Trunking Modes and Methods 72

VLAN Ranges and Mappings 73

Best Practices for Trunking 73

Configuring 802.1Q Trunking 74

Verifying Trunking Configurations 76

Troubleshooting Trunking 77

VLAN Trunking Protocol 78

VTP Pruning 81

VTP Versions 82

VTP Versions 1 and 2 82

VTP Version 3 83

VTP Messages Types 83

Summary Advertisements 83

Subset Advertisements 84

Advertisement Requests 84

VTP Authentication 84

Best Practices for VTP Implementation 84

Configuring VTP 85

Verifying the VTP Configuration 85

Troubleshooting VTP 87

Private VLANs 87

Private VLANs Overview 88

Private VLANs and Port Types 88

Private VLAN Configuration 90

Configuring Private VLANs in Cisco IOS 91

Verifying Private VLAN 92

Private VLAN Configuration Example 93

Single Switch Private Configuration 93

Private VLAN Configuration Across Switches 94

Port Protected Feature 97

Configuring Link Aggregation with EtherChannel 97

Describe EtherChannel 98

PAgP and LACP Protocols 101

PAgP Modes 101

LACP Modes 103

Configure Port Channels Using EtherChannel 105

Guidelines for Configuring EtherChannel 105

Layer 2 EtherChannel Configuration Steps 106

Verifying EtherChannel 108

EtherChannel Load Balancing Options 110

Summary 112

Review Questions 113

Chapter 3 Implementing Spanning Tree 119

Evolution of Spanning Tree Protocols 119

Spanning Tree Protocol Basics 121

STP Operation 122

Rapid Spanning Tree Protocol 125

RSTP Port States 126

RSTP Port Roles 127

Rapid Transition to Forwarding 129

RSTP Topology Change Mechanism 132

Bridge Identifier for PVRST+ 136

Compatibility with 802.1D 137

Cisco Spanning Tree Default Configuration 137

PortFast 138

Configuring the PortFast Feature 138

Configuring the Basic Parameters of PVRST+ 140

Multiple Spanning Tree 141

MST Regions 143

Extended System ID for MST 144

Configuring MST 145

Spanning Tree Enhancements 150

BPDU Guard 152

BPDU Filtering 153

Root Guard 155

Preventing Forwarding Loops and Black Holes 158

Loop Guard 158

UDLD 161

Comparison Between Aggressive Mode UDLD and Loop Guard 165

Flex Links 166

Recommended Spanning Tree Practices 168

Troubleshooting STP 171

Potential STP Problems 171

Duplex Mismatch 172

Unidirectional Link Failure 172

Frame Corruption 173

Resource Errors 173

PortFast Configuration Error 174

Troubleshooting Methodology 174

Develop a Plan 175

Isolate the Cause and Correct an STP Problem 175

Document Findings 177

Summary 178

References 179

Review Questions 179

Chapter 4 Implementing Inter-VLAN Routing 183

Describing Inter-VLAN Routing 184

Introduction to Inter-VLAN Routing 184

Inter-VLAN Routing Using an External Router (Router-on-a-Stick) 186

External Router: Advantages and Disadvantages 189

Inter-VLAN Routing Using Switch Virtual Interfaces 190

SVI: Advantages and Disadvantages 192

Routing with Routed Ports 192

Routed Port: Advantage and Disadvantages 193

L2 EtherChannel Versus L3 EtherChannel 194

Configuring Inter-VLAN Routing 194

Inter-VLAN Configuration with External Router 195

Implementation Planning 195

Inter-VLAN Configuration with SVI 197

Implementation Plan 197

Switch Virtual Interface Configuration 198

SVI Autostate 199

Configuring Routed Port on a Multilayer Switch 200

Verifying Inter-VLAN Routing 201

Troubleshooting Inter-VLAN Problems 204

Example of a Troubleshooting Plan 205

Configuration of Layer 3 EtherChannel 206

Routing Protocol Configuration 208

Verifying Routing Protocol 208

Implementing Dynamic Host Configuration Protocol in a Multilayer Switched Environment 210

DHCP Operation 211

Configuring DHCP and Verifying DHCP 212

Configure DHCP on the Multilayer Switch 212

Configure DHCP Relay 213

Verifying DHCP Operation 214

Deploying CEF-Based Multilayer Switching 215

Multilayer Switching Concepts 215

Explaining Layer 3 Switch Processing 216

CAM and TCAM Tables 217

Distributed Hardware Forwarding 220

Cisco Switching Methods 221

Route Caching 222

Topology-Based Switching 223

CEF Processing 225

CEF Operation and Use of TCAM 227

CEF Modes of Operation 227

Address Resolution Protocol Throttling 228

Sample CEF-Based MLS Operation 230

CEF-Based MLS Load Sharing 231

Configuring CEF and Verifying CEF Configuration 232

CEF-Based MLS Configuration 232

CEF-Based MLS Verification 232

Troubleshooting CEF 236

Summary 237

Review Questions 237

Chapter 5 Implementing High Availability and Redundancy in a Campus Network 243

Understanding High Availability 244

Components of High Availability 244

Redundancy 245

Technology 246

People 246

Processes 247

Tools 248

Resiliency for High Availability 249

Network-Level Resiliency 249

High Availability and Failover Times 249

Optimal Redundancy 251

Provide Alternate Paths 252

Avoid Too Much Redundancy 253

Avoid Single Point of Failure 253

Cisco NSF with SSO 254

Routing Protocols and NSF 255

Implementing High Availability 255

Distributed VLANs on Access Switches 256

Local VLANs on Access Switches 256

Layer 3 Access to the Distribution Interconnection 257

Daisy Chaining Access Layer Switches 257

StackWise Access Switches 259

Too Little Redundancy 260

Implementing Network Monitoring 262

Network Management Overview 262

Syslog 263

Syslog Message Format 265

Configuring Syslog 267

SNMP 269

SNMP Versions 270

SNMP Recommendations 272

Configuring SNMP 272

IP Service Level Agreement 273

IP SLA Measurements 273

IP SLA Operations 275

IP SLA Source and Responder 275

IP SLA Operation with Responder 275

IP SLA Responder Timestamps 277

Configuring IP SLA 277

Implementing Redundant Supervisor Engines in Catalyst Switches 280

Route Processor Redundancy 281

Route Processor Redundancy Plus 282

Configuring and Verifying RPR+ Redundancy 283

Stateful Switchover (SSO) 284

Configuring and Verifying SSO 285

NSF with SSO 286

Configuring and Verifying NSF with SSO 287

Understanding First Hop Redundancy Protocols 288

Introduction to First Hop Redundancy Protocol 288

Proxy ARP 289

Static Default Gateway 290

Hot Standby Router Protocol (HSRP) 291

HSRP States 294

HSRP State Transition 295

HSRP Active Router and Spanning Tree Topology 296

Configuring HSRP 296

HSRP Priority and Preempt 297

HSRP Authentication 298

HSRP Timer Considerations and Configuration 299

HSRP Versions 301

HSRP Interface Tracking 302

HSRP Object Tracking 304

HSRP and IP SLA Tracking 305

Multiple HSRP Groups 306

HSRP Monitoring 307

Virtual Router Redundancy Protocol 309

VRRP Operation 311

VRRP Transition Process 312

Configuring VRRP 312

Gateway Load Balancing Protocol 315

GLBP Functions 316

GLBP Features 317

GLBP Operations 318

GLBP Interface Tracking 318

GLBP Configuration 322

GLBP with VLAN Spanning Across Access Layer Switches 322

Cisco IOS Server Load Balancing 323

Cisco IOS SLB Modes of Operation 325

Configuring the Server Farm in a Data Center with Real Servers 326

Configuring Virtual Servers 328

Summary 330

Review Questions 331

Chapter 6 Securing the Campus Infrastructure 333

Switch Security Fundamentals 334

Security Infrastructure Services 334

Unauthorized Access by Rogue Devices 336

Layer 2 Attack Categories 337

Understanding and Protecting Against MAC Layer Attack 339

Suggested Mitigation for MAC Flooding Attacks 341

Port Security 341

Port Security Scenario 1 341

Port Security Scenario 2 342

Configuring Port Security 343

Caveats to Port Security Configuration Steps 344

Verifying Port Security 345

Port Security with Sticky MAC Addresses 347

Blocking Unicast Flooding on Desired Ports 348

Understanding and Protecting Against VLAN Attacks 349

VLAN Hopping 349

VLAN Hopping with Double Tagging 350

Mitigating VLAN Hopping 351

VLAN Access Control Lists 352

Configuring VACL 353

Understanding and Protecting Against Spoofing Attacks 355

Catalyst Integrated Security Features 355

DHCP Spoofing Attack 356

DHCP Snooping 358

ARP Spoofing Attack 361

Preventing ARP Spoofing Through Dynamic ARP Inspection 362

IP Spoofing and IP Source Guard 368

Configuring IPSG 370

Securing Network Switches 372

Neighbor Discovery Protocols 372

Cisco Discovery Protocol 373

Configuring CDP 373

Configuring LLDP 375

CDP Vulnerabilities 375

Securing Switch Access 376

Telnet Vulnerabilities 377

Secure Shell 377

VTY ACLs 378

HTTP Secure Server 379

Authentication Authorization Accounting (AAA) 380

Security Using IEEE 802.1X Port-Based Authentication 387

Configuring 802.1X 389

Switch Security Considerations 390

Organizational Security Policies 391

Securing Switch Devices and Protocols 391

Configuring Strong System Passwords 392

Restricting Management Access Using ACLs 392

Securing Physical Access to the Console 393

Securing Access to vty Lines 393

Configuring System Warning Banners 393

Disabling Unneeded or Unused Services 394

Trimming and Minimizing Use of CDP/LLDP 395

Disabling the Integrated HTTP Daemon 395

Configuring Basic System Logging 396

Securing SNMP 396

Limiting Trunking Connections and Propagated VLANs 396

Securing the Spanning-Tree Topology 396

Mitigating Compromises Launched Through a Switch 397

Troubleshooting Performance and Connectivity 398

Techniques to Enhance Performance 398

Monitoring Performance with SPAN and VSPAN 400

Using SPAN to Monitor the CPU Interface of Switches 403

Monitoring Performance with RSPAN 404

Monitoring Performance with ERSPAN 408

Monitoring Performance Using VACLs with the Capture Option 410

Troubleshooting Using L2 Traceroute 412

Enhancing Troubleshooting and Recovery Using Cisco IOS Embedded Event Manager 413

Performance Monitoring Using the Network Analysis Module in the Catalyst 6500 Family of Switches 414

Summary 415

Review Questions 416

Chapter 7 Preparing the Campus Infrastructure for Advanced Services 419

Planning for Wireless, Voice, and Video Application in the Campus Network 420

The Purpose of Wireless Network Implementations in the Campus Network 420

The Purpose of Voice in the Campus Network 421

The Purpose of Video Deployments in the Campus Network 423

Planning for the Campus Network to Support Wireless Technologies 423

Introduction to Wireless LANs (WLAN) 423

Cisco WLAN Solutions as Applied to Campus Networks 426

Comparing and Contrasting WLANs and LANs 428

Standalone Versus Controller-Based Approaches to WLAN Deployments in the Campus Network 429

Controller-Based WLAN Solution 430

Traffic Handling in Controller-Based Solutions 433

Traffic Flow in a Controller-Based Solution 434

Hybrid Remote Edge Access Points (HREAP) 435

Review of Standalone and Controller-Based WLAN Solutions 436

Gathering Requirements for Planning a Wireless Deployment 436

Planning for the Campus Network to Support Voice 437

Introduction to Unified Communications 438

Campus Network Design Requirements for Deploying VoIP 439

Planning for the Campus Network to Support Video 440

Voice and Video Traffic 441

Video Traffic Flow in the Campus Network 442

Design Requirements for Voice, Data, and Video in the Campus Network 444

Understanding QoS 444

QoS Service Models 446

AutoQoS 447

Traffic Classification and Marking 448

DSCP, ToS, and CoS 448

Classification 449

Trust Boundaries and Configurations 450

Marking 451

Traffic Shaping and Policing 451

Policing 452

Congestion Management 453

FIFO Queuing 453

Weighted Round Robin Queuing 453

Priority Queuing 455

Custom Queuing 455

Congestion Avoidance 455

Tail Drop 456

Weighted Random Early Detection 456

Implementing IP Multicast in the Campus Network 458

Introduction to IP Multicast 459

Multicast IP Address Structure 462

Reserved Link Local Addresses 463

Globally Scoped Addresses 463

Source-Specific Multicast Addresses 463

GLOP Addresses 464

Limited-Scope Addresses 464

Multicast MAC Address Structure 464

Reverse Path Forwarding 465

Multicast Forwarding Tree 466

Source Trees 467

Shared Trees 468

Comparing Source Trees and Shared Trees 469

IP Multicast Protocols 470

PIM 470

Automating Distribution of RP 474

Auto-RP 474

Bootstrap Router 475

Comparison and Compatibility of PIM Version 1 and Version 2 476

Configuring Internet Group Management Protocol 478

IGMPv1 478

IGMPv2 478

IGMPv3 479

IGMPv3 Lite 479

IGMP Snooping 480

Preparing the Campus Infrastructure to Support Wireless 484

Wireless LAN Parameters 484

Configuring Switches to Support WLANs 484

Preparing the Campus Network for Integration of a Standalone WLAN Solution 484

Preparing the Campus Network for Integration of a Controller-Based WLAN Solution 485

Preparing the Campus Infrastructure to Support Voice 487

IP Telephony Components 487

Configuring Switches to Support VoIP 488

Voice VLANs 488

QoS for Voice Traffic from IP Phones 490

Power over Ethernet 491

Additional Network Requirements for VoIP 493

Preparing the Campus Infrastructure to Support Video 494

Video Components 494

Configuring Switches to Support Video 495

Summary 496

Review Questions 497

Appendix A 503

Customer Reviews

  • Posted July 30, 2010

    more powerful networks

    The book is more than just material for passing an exam. There is good background about the theory of network configuration and routing. So the text can be read usefully as a germane descriptor of contemporary network design, even if you do not need or want to take the exam.

    A vital idea in the book is the migration from networks built using Layer 2 devices to those for Layer 3. Cisco now has Layer 3 switches of comparable performance to Layer 2 elements. The key difference is that Layer 3 switching can use the IP addresses in the packet. Better yet are Layer 4 and 7 switches, which, unsurprisingly, Cisco also offers. The Layer 4 switch can access the port number in TCP or UDP packets, as an extra filtering criterion. While a Layer 7 switch goes further by being able to dig into the payload itself for more embedded data, like whether http or https or ssh is being used. Unlike the Layer 3 switches, the book does not seem to claim that the Layer 4 or 7 switches are as fast as the Layer 2 switches. Unsurprising, given the potentially more extensive processing of each packet implied by the higher layers.

    Chapter 3 goes well into the various spanning tree algorithms now implemented by Cisco. But maybe Chapter 6 is the most useful. It explains how to secure a large campus network, where an attacker can often easily gain physical access to the wired or wireless portions. Various attacks are mooted, leading to effects like Denial of Service or, more insidiously, a Man In The Middle insertion. The book's countermeasures include physically securing the switches and routers. Then, numerous software steps are available using Cisco firmware to detect rogue machines on a network segment. While "campus" is not restricted to a literal university campus, in practice the latter might indeed be a vast source of network weaknesses, given the diverse student population that has proximity and access to the network.

    2 out of 2 people found this review helpful.

  • Anonymous

    Posted August 9, 2011

    No text was provided for this review.
