Sunday, April 7, 2019
Basic Device and Security Configuration Essay Example for Free
Basic Device and shelter manakin EssayWhen designing a interlocking there atomic number 18 basic network and shelter configurations that matchless needs to consider. Choosing a hostname for each device is very im styleant, this allows the user to endure what device they are working on. Configuring interfaces with a proper IP, subnet, and descriptions are part of the basic configuration of a network device. one(a) needs to consider the security setting for the network devices. There are some basic configurations that one can choose to use in their configuration. Passwords and a username should be utilise for consoling and remote opening to any network device. Enable war crys and encrypting those password are best practices for any engineer.Configuration of a username and password for virtual ancestrys, bequeath help in keeping unwanted persons out of your network device along with, a banner upon logging into a device. Banners are messages that will march a warning to any unauthorized person looking to annoy the device. Shutting fine-tune unused ports in a switch, will keep unwanted clients of the network and people from just plugging a laptop into the port for access. Remote access is something to think about when configuring a device. SSH (Secure Shell) and telnet are two network protocol used to remote access to a device. SSH is a more than full application that uses higher encodings of data indeed telnet does. To generate the SSH key the use of crypto key generate rsa is used with a 1024 bit key, creates the most secure key. Remote access is a concern to any engineer and should be taken with the highest priority.Commands Used in Basic Device ConfigurationsCLI directs that are used in a switch and in a router are the same. Most CLIcommands are configured in the global configuration mode. Its forever and a day good practice to start with the command erase startup-config, which resulted in the saved NVRAM configuration to be erased. screen background the appropriate hostname for the device is the command hostname name. By naming ones device, this will let the user know what device they are working in. Passwords helped secure the device for the enable mode, consoling into the device, and remote access. To set a password to access the enable mode, one need to use the command enable secret password.The configuration of a password for consoling into a device, one needs to be in the line con 0 mode and use the command password, the same command is used for remote access but in the line vty 0-15 mode. When using the enable secrete command, the passwords are displayed in clear text. For more security, service password-encryption is used encrypt the password when a show run command is used to display the running configuration. Enabling SSH version 2 is a better choice than version 1. SSH version 2 has stronger cryptographic integrity check and supports password changing. If one configurators their device to support SSH , then there are several commands that need to be configured. A username name password password command needs to be assigned.The ip domain name domain mycompany.com command is used, followed by crypto key generated rsa command. When the engineer types that command the IOS will prompt one for the number of bits. 512 is the default, however, one can choose a larger number and 1024 bits is recommended. The RSA encryption key is used for authentication and encryption of the SSH data. The transport input telnet ssh command allows telnet and ssh on the virtual lines by being configured in the line vty 0 -15 mode. The interface range interface-interface command is used to make changes in the interface range. One can use this command to shut down all unused ports in a switch. Lastly, the imitate run start command was used to copy the recent running configuration to the startup configuration.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.