The Cisco SAFE Blueprint also lists several best practices for Layer 3 security. The following list summarizes the key Layer 3 security recommendations from the SAFE Blueprint.
1. Enable secure Telnet access to a router user interface, and consider using Secure Shell (SSH) instead of Telnet.
2. Enable SNMP security, particularly adding SNMPv3 support.
3. Turn off all unnecessary services on the router platform.
4. Turn on logging to provide an audit trail.
5. Enable routing ..
For very large networks, it is quite common to have a large number of areas. It also is not uncommon to have low-end routers in these areas. Therefore, receiving a large amount of summary LSA data is a cause for concern. As a solution, OSPF created the totally stubby area. As with a stub area, external LSAs are not advertised in a totally stubby area; unlike a stub area, however, a totally stubby area does not pass interarea traffic. Now, even summary link state..
Basic Single Area IS-IS Configuration
This section examines the process of configuring a single IS-IS area using the network in Figure 7-11.
Figure 7-11. Single Area IS-IS Network
The steps for a basic single area IS-IS configuration are as follows:
Step 1. Configure a loopback interface on each OSPF router.
Step 2. Configure IP addresses on the physical interfaces.
Step 3. Configure the IS-IS process on each router.
Step 4. Enable IS-IS on the router interfaces.
The loopback addresses, ..
Modifying the Default RIP Parameters
There are several customizations that we can make to the default RIP configuration. You can modify the timers by using the timers command in the RIP configuration mode:

Router1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router1(config)#ipv6 unicast-routing
Router1(config)#ipv6 router rip RIP_PROC
Router1(config-rtr)#timers 15 60 5 120
Router1(config-rtr)#exit
Router1(config)#end
Router1#

You can change the default administrative ..
Filtering Based on Noncontiguous Ports
To filter noncontiguous ports, use the following commands:

Router2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router2(config)#ip access-list extended OREILLY
Router2(config-ext-nacl)#permit tcp any host 172.25.100.100 eq 80 23 25 110 514 21
Router2(config-ext-nacl)#end
Router2#

Cisco introduced the ability to filter noncontiguous ports in IOS Version 12.3(7)T. Historically, Ci..



