思科网络安全第七章研讨.ppt

CCNA Security;Lesson Planning;Major Concepts;Contents;6.1 Endpoint Security;Endpoint Security Considerations; 6.1.1 Introducing Endpoint Security;Securing the edge device because of its WAN connection? Securing the internal LAN? Both! Securing the internal LAN is just as important as securing the perimeter of a network. Internal LANs consists of: Endpoints Non-endpoint LAN devices LAN infrastructure;Securing the LAN;A LAN connects many network endpoint devices that act as a network clients. Endpoint devices include: Laptops Desktops IP phones Personal digital assistants (PDAs) Servers Printers ;A LAN also requires many intermediary devices to interconnect endpoint devices. Non-endpoint LAN devices: Switches Wireless devices IP telephony devices Storage area networking (SAN) devices;A network must also be able to mitigate specific LAN attacks including: MAC address spoofing attacks STP manipulation attacks MAC address table overflow attacks LAN storm attacks VLAN attacks ;Operating Systems Basic Security Services;Types of Application Attacks;Cisco Systems Endpoint Security Solutions;IronPort is a leading provider of anti-spam, anti-virus, and anti-spyware appliances. Cisco acquired IronPort Systems in 2007. It uses SenderBase, the worlds largest threat detection database, to help provide preventive and reactive security measures.; 6.1.2 Endpoint Security with IronPort;Cisco IronPort Products;IronPort C-Series;IronPort S-Series;6.1.3 Endpoint Security with Network Admission Control;;The NAC Framework;NAC的示意图;NAC Components;Cisco NAC Appliance Process;Access Windows;6.1.4 Endpoint Security with Cisco Security Agent;CSA Architecture;CSA Overview;CSA Functionality;Attack Phases;CSA Log Messages;6.2 Layer 2 Security Considerations;Layer 2 Security Considerations;6.2.1 Introduction to Layer2 Security;;OSI Model;Layer 2 Vulnerabilities;MAC Address Spoofing Attack;6.2.2 MAC Address Spoofing Attack;;Both MAC spoofing and MAC address table overflow attacks can be miti