Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

CCNA Discovery 2 - Chapter 8

2,477 views

Published on

Published in: Technology, Education
  • Be the first to comment

CCNA Discovery 2 - Chapter 8

  1. 1. ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8Version 4.1 © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 1
  2. 2. Objectives Describe ISP security policies and procedures. Describe the tools used in implementing security at the ISP. Describe the monitoring and managing of the ISP. Describe the responsibilities of the ISP with regard to maintenance and recovery. © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 2
  3. 3. ISP Security Considerations Helping clients to create secure passwords Securing applications Removing vulnerabilities Configuring firewalls Performing security scans © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 3
  4. 4. ISP Security ConsiderationsCommon security practices: Encrypting data stored on servers Using permissions to secure access Implement user accounts Assign levels of access © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 4
  5. 5. ISP Security ConsiderationsThree steps used to reduce network vulnerability: Authentication Authorization Accounting © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 5
  6. 6. ISP Security Considerations Encryption: use the secure version of a protocol whenever confidential data is being exchanged © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 6
  7. 7. Security Tools Access control lists and port filtering protect against DoS and DDoS attacks © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 7
  8. 8. Security Tools Firewalls use ACLs to control which traffic is passed or blocked © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 8
  9. 9. Security Tools Intrusion Detection System (IDS) Intrusion Prevention System (IPS) © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 9
  10. 10. Security ToolsWireless security: Changing default settings Enabling authentication MAC filtering Encryption © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 10
  11. 11. Security Tools Host-based firewalls control inbound and outbound network traffic © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 11
  12. 12. Security ToolsTargets of host security: Known attacks Exploitable services Worms and viruses Back doors and Trojans © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 12
  13. 13. Monitoring and Managing the ISP Typical features of a Service Level Agreement (SLA): © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 13
  14. 14. Monitoring and Managing the ISP Monitoring network link performance © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 14
  15. 15. Monitoring and Managing the ISPIn-band management: Telnet Virtual Terminal (VTY) session Secure Shell (SSH): preferred for security © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 15
  16. 16. Monitoring and Managing the ISP SNMP enables administrators to gather data about the network Syslog uses syslog clients to generate and forward log messages to syslog servers © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 16
  17. 17. Backups and Disaster RecoveryFactors in choosing backup media: Amount of data Cost of media Performance Reliability Ease of offsite storage © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 17
  18. 18. Backups and Disaster RecoveryMethods of file backup: Normal Differential Incremental © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 18
  19. 19. Backups and Disaster RecoveryHow to ensure successful backups: Swap media Review backup logs Trial restores Drive maintenance © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 19
  20. 20. Backups and Disaster Recovery Use TFTP to protect configurations and Cisco IOS software Restore a Cisco IOS image using TFTP in ROMmon mode © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 20
  21. 21. Backups and Disaster Recovery Steps to designing an effective recovery plan: © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 21
  22. 22. Backups and Disaster Recovery Phases to creating and implementing a disaster recovery plan: © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 22
  23. 23. Summary ISPs provide desktop security services for customers, such as creating passwords, implementing patches and updates, and assigning permissions. Many protocols offer secure versions utilizing digital encryption, which should be used when the data being exchanged is confidential. Port filtering and Access Lists use TCP and UDP port features to permit or deny traffic. Firewalls can utilize hardware or software to define what traffic can come into or go out of parts of a network. ISPs are responsible for providing efficient and effective backup and disaster recovery methods for their customers. © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 23
  24. 24. © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 24

×