ROOMAN TECHNOLOGIES

LAN SECURITY IPv6Using VLAN , InterVLAN, Port Security , Access list

Made By -: Pushkar Chawda

3032810064 7th, Et&t

Introduction to networkThe OSI &TCP/IP ModelElements of LAN SecurityVirtual LAN (VLAN)VLAN OperationBenefits Of VLANInter VLAN-Routing & Router on trunkPhysical interface Vs subinterfacePort SecurityAccess Control ListInternet Protcol v 6Project ScenarioReferences

Contents

A network is a collection of computers, printers, routers, switches,and other devices that are able to communicate with each other over some transmission media

Network topology

Types of network

A. Local Area Network (LAN)B. Metropolitian Area Network (MAN)C. Wide Area Network (WAN)

Introduction to Network

TCP/IP Model

The OSI Model

VLANInter VLAN RoutingPort SecurityAccess-Lists

Elememts of LAN Security

VLAN is logically segment switched networks Independent physical location or connections to the network. All workstations and servers used by a particular workgroup share the same VLANVLANs function by logically segmenting the network into different broadcast domains so that packets are only switched between ports that are designated for the same VLAN.

Virtual LAN ( VLAN )

The key benefit of VLANs is that they permit the network administrator to organize the LAN logically instead of physicallyBroadcast domain defined by port rather than network address

Benefits Of VLANs

VLAN OperationEach switch port could be assigned to a different VLAN. Ports assigned to the same VLAN share broadcasts. Ports that do not belong to that VLAN do not share these broadcasts

Inter-VLAN RoutingSwitch keeps VLANs separate.

Router can route between VLANs.The router has one physical port for each VLAN.Each port has an IP address on its own VLAN.Routing is the same as routing between any subnets.

Trunks between switches.

No trunk on router.

Router on TrunkR1 F0/0 has subinterfaces, one for each VLAN.Each has its own IP address.

Physical Vs Subinterface

Port Security

AdvantagesDedicated bandwidth If the size of the address table is set to 1, the attached device

is guaranteed the full bandwidth of the port.

Added security—Unknown devices cannot connect to the port

Security Violation ModeShutdown- The interface is shut down immediately following a security violation

Restrict- A security violation sends a trap to the network management station.

Protect- When the port secure addresses reach the allowed limit on the port, all

packets with unknown addresses are dropped.

**The default is shutdown

Access Control ListsAccess control list (ACL) consist of a table that tells which access rights each user has to a particular system object, such as a file directory or individual file.Limit network traffic and increase network performance. Provide a basic level of security for network access. Traffic decision(forwarded or blocked at the router interfaces). can provide access control based on Layer 3 addresses for IP protocols.ACLs are lists of conditions used to test network traffic that tries to travel across a router interface. These lists tell the router what types of packets to accept or deny.

INTERNET PROTOCOL VERSION 6

sitetopology(16 bits)

interfaceidentifier(64 bits)

publictopology(45 bits)

interface IDSLA*NLA*TLA001

Global Unicast Addresses

TLA = Top-Level AggregatorNLA* = Next-Level Aggregator(s)SLA* = Site-Level Aggregator(s)TLAs may be assigned to providers or exchanges

(128 bits)

Summary tables of IPv6 Addresses

Project Scenario

ReferencesData Communication and Computer Networking , B.A. Forouzan, Tata McGraw Hill, 2nd Edition.CCNA : Cisco Certified Network Associate Study Guide (Exam 640-802) , 6th EditionWikipediaccna_studyguide, Aaron BalchunasNetworking Basics Part 2 – Routers, Awadhesh KumarIPv6 Static Routing & IPv4 to IPv6, Erkki LaaneoksIPv6 Configuration Guide, Cisco IOS