DOCSLIB.ORG

Cisco IOS Appletalk Configuration Guide Release 12.4

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Cisco IOS Appletalk Configuration Guide Release 12.4 Cisco IOS AppleTalk Configuration Guide Release 12.4 Corporate Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 526-4100 Customer Order Number: DOC-7817505= Text Part Number: 78-17505-01 THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California. NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. CCSP, CCVP, the Cisco Square Bridge logo, Follow Me Browsing, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, and iQuick Study are service marks of Cisco Systems, Inc.; and Access Registrar, Aironet, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, FormShare, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, LightStream, Linksys, MeetingPlace, MGX, the Networkers logo, Networking Academy, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet, The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries. All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0601R) Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental. Cisco IOS AppleTalk Configuration Guide © 2005–2006, Cisco Systems, Inc. All rights reserved. CONTENTS About Cisco IOS Software Documentation for Release 12.4 vii Documentation Objectives vii Audience vii Documentation Organization for Cisco IOS Release 12.4 viii Document Conventions xiv Obtaining Documentation xv Cisco.com xv Product Documentation DVD xvi Ordering Documentation xvi Documentation Feedback xvi Cisco Product Security Overview xvii Reporting Security Problems in Cisco Products xvii Obtaining Technical Assistance xviii Cisco Technical Support & Documentation Website xviii Submitting a Service Request xviii Definitions of Service Request Severity xix Obtaining Additional Publications and Information xix Using Cisco IOS Software for Release 12.4 xxi Understanding Command Modes xxi Getting Help xxii Example: How to Find Command Options xxiii Using the no and default Forms of Commands xxvi Saving Configuration Changes xxvi Filtering Output from the show and more Commands xxvii Finding Additional Feature Support Information xxvii AppleTalk Overview 1 AppleTalk 1 Background on AppleTalk 1 The Cisco Implementation of AppleTalk 2 Media Support 2 Standard AppleTalk Services 2 Enhancements to Standard AppleTalk Services 3 Cisco IOS AppleTalk Configuration Guide iii Contents Security 3 Configuring AppleTalk 5 AppleTalk Phases 5 AppleTalk Phase 1 5 AppleTalk Phase 2 5 Types of AppleTalk Phase 2 Networks 6 AppleTalk Addresses 7 Network Numbers 7 Node Numbers 8 AppleTalk Address Example 8 AppleTalk Zones 8 Configuration Guidelines and Compatibility Rules 8 AppleTalk Configuration Task List 9 Configuring AppleTalk Routing 9 Enabling AppleTalk Routing 10 Configuring an Interface for AppleTalk 10 Selecting an AppleTalk Routing Protocol 13 Configuring Transition Mode 13 Enabling Concurrent Routing and Bridging 14 Configuring Integrated Routing and Bridging 14 Controlling Access to AppleTalk Networks 14 Types of Access Lists 14 Types of Filters 16 Implementation Considerations 16 Controlling Access to AppleTalk Networks Task List 17 Creating Access Lists 17 Creating Filters 19 Configuring the Name Display Facility 23 Setting Up Special Configurations 23 Configuring Free-Trade Zones 24 Configuring SNMP over DDP in AppleTalk Networks 24 Configuring AppleTalk Tunneling 25 Configuring AppleTalk MacIP 28 Configuring AppleTalk MacIP Task List 29 Configuring IPTalk 31 Configuring AppleTalk Control Protocol for PPP 34 Tuning AppleTalk Network Performance 34 Controlling Routing Updates 35 Assigning Proxy Network Numbers 37 Cisco IOS AppleTalk Configuration Guide iv Contents Enabling Round-Robin Load Sharing 37 Disabling Checksum Generation and Verification 38 Controlling the AppleTalk ARP Table 38 Controlling the Delay Between ZIP Queries 39 Logging Significant Network Events 39 Disabling Fast Switching 39 Configuring AppleTalk Interenterprise Routing 40 Understanding AppleTalk Domains 40 Understanding Domain Routers 40 AppleTalk Interenterprise Routing Features 40 Redundant Paths Between Domains 41 AppleTalk Interenterprise Routing Task List 41 Configuring AppleTalk over WANs 43 AppleTalk over DDR 43 AppleTalk over X.25 44 Configuring AppleTalk Between LANs 44 Configuring AppleTalk Between VLANs 44 Monitoring and Maintaining the AppleTalk Network 45 Monitoring and Maintaining the AppleTalk Network Using Cisco IOS Software Commands 45 Monitoring the AppleTalk Network Using Network Monitoring Packages 46 AppleTalk Configuration Examples 47 Extended AppleTalk Network Example 47 Nonextended AppleTalk Network Example 48 Nonextended Network in Discovery Mode Example 48 AppleTalk Access List Examples 49 Defining an Access List to Filter Data Packets Example 49 Defining an Access List to Filter Incoming Routing Table Updates Example 50 Comparison of Alternative Segmentation Solutions 51 Defining an Access List to Filter NBP Packets Example 52 Configuring Partial Zone Advertisement Example 54 Transition Mode Example 55 Hiding and Sharing Resources with Access List Examples 56 Establishing a Free-Trade Zone Example 56 Restricting Resource Availability Example 57 GZL and ZIP Reply Filter Examples 59 AppleTalk Interenterprise Routing over AURP Example 60 SNMP Example 60 MacIP Examples 61 IPTalk Example 61 AppleTalk Control Protocol Example 64 Cisco IOS AppleTalk Configuration Guide v Contents Proxy Network Number Example 64 AppleTalk Interenterprise Routing Example 65 AppleTalk over DDR Example 65 AppleTalk Control Protocol for PPP Example 66 Cisco IOS AppleTalk Configuration Guide vi About Cisco IOS Software Documentation for Release 12.4 This chapter describes the objectives, audience, organization, and conventions of Cisco IOS software documentation. It also provides sources for obtaining documentation, technical assistance, and additional publications and information from Cisco Systems. It contains the following sections: • Documentation Objectives, page vii • Audience, page vii • Documentation Organization for Cisco IOS Release 12.4, page viii • Document Conventions, page xiv • Obtaining Documentation, page xv • Documentation Feedback, page xvi • Cisco Product Security Overview, page xvii • Obtaining Technical Assistance, page xviii • Obtaining Additional Publications and Information, page xix Documentation Objectives Cisco IOS software documentation describes the tasks and commands available to configure and maintain Cisco networking devices. Audience The Cisco IOS software documentation set is intended primarily for users who configure and maintain Cisco networking devices (such as routers and switches) but who may not be familiar with the configuration and maintenance tasks, the relationship among tasks, or the Cisco IOS software commands necessary to perform particular tasks. The Cisco IOS software documentation set is also intended for those users experienced with Cisco IOS software who need to know about new features, new configuration options, and new software characteristics in the current Cisco IOS software release. Cisco IOS AppleTalk Configuration Guide vii About Cisco IOS Software Documentation
Load more

Recommended publications
  • Decbrouter 90 Products Command Summary
    DECbrouter 90 Products Command Summary Order Number: EK–DECBR-CS. A01 First Edition, May 1993 The information in this document is subject to change without notice and should not be construed as a commitment by Digital Equipment Corporation. Digital Equipment Corporation assumes no responsibility for any errors that may appear in this document. The software described in this document is furnished under a license and may be used or copied only in accordance with the terms of such license. No responsibility is assumed for the use or reliability of software on equipment that is not supplied by Digital Equipment Corporation or its affiliated companies. Restricted Rights: Use, duplication, or disclosure by the U.S. Government is subject to restrictions as set forth in subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS 252.227-7013. © Digital Equipment Corporation 1993. FCC NOTICE: The equipment described in this manual generates, uses, and may emit radio frequency energy. The equipment has been type tested and found to comply with the limits for a Class A computing device pursuant to Subpart J of Part 15 of FCC Rules, which are designed to provide reasonable protection against such radio frequency interference when operated in a commercial environment. Operation of this equipment in a residential area may cause interference, in which case the user at his own expense may be required to take measures to correct the interference. The following are trademarks of Digital Equipment Corporation: DEC, DECbrouter, DECnet, VAX, VMS, and the Digital logo. Apollo NCS is a trademark of Apollo Computer, Inc.
    [Show full text]
  • Ipv6 … a Simplified Explanation
    IPv6 … A Simplified Explanation Presented by Bryan Crisler Senior Network Engineer Time Warner Cable Housekeeping • Take this time to locate: – Emergency Exits – Bathrooms – Breakroom/Water Fountain – Note taking utensils • Put your Phones on Vibrate – If you need to take a call, feel free to step out of the room. About your Speaker • Bryan Crisler – Started in Cable @ Charter Communications, Riverside, CA in June 2005 – Currently a Senior Network Engineer at Time Warner Cable About your Speaker • Held following positions: – Broadband Technician I-IV (Charter) – Network Operations Specialist (Charter) – Network Technician (Charter) – Network Engineer (Charter & TWC) – SR Network Engineer (TWC) About your Speaker • Email: [email protected] • LinkedIn: linkedin.com/in/bcrisler Today’s Lesson Plan • Session 1: So What About IPv6? • Session 2: Every Day IPv6 and You So What About IPv6? Session 1 Basic History of IP • IP – Internet Protocol • Defined in RFC 791, dated 1981, written by Information Sciences Institute @ USC • Written for DARPA (Defense Advanced Research Projects Agency) Basic History of IP • “… Internet Protocol is designed for use in interconnected systems of packet-switched computer communication networks…provides for transmitting blocks of data called datagrams from sources to destinations… identified by fixed length addresses.” (RFC 791, section 1.1) Versions of IP • IPv0 – 3: Experimental Only • IPv4: Defined in 1981 by RFC 760 & 791. First version to implemented publically. Still in use today. • IPv5: Also experimental, called Internet Stream Protocol. • IPv6: Also called IP Next Generation (IPng), Defined in 1998 by RFC 2460-2467 IP Addressing • Layer 3 (Network) form of Addressing • Two different forms of IP Address: – IPv4 • Uses Dotted Decimal (192.168.0.1) • Has 4,294,967,296 total address (public & private) • 32 bit address – IPv6 • Uses Hexadecimal Notation (FE80::1) • Has 3.4×1038 total address (public & private) • 128 bit address IP Addressing – cont.
    [Show full text]
  • OES 2 SP3: Novell CIFS for Linux Administration Guide 9.2.1 Mapping Drives from a Windows 2000 Or XP Client
    www.novell.com/documentation Novell CIFS Administration Guide Open Enterprise Server 2 SP3 May 03, 2013 Legal Notices Novell, Inc., makes no representations or warranties with respect to the contents or use of this documentation, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc., reserves the right to revise this publication and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. Further, Novell, Inc., makes no representations or warranties with respect to any software, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc., reserves the right to make changes to any and all parts of Novell software, at any time, without any obligation to notify any person or entity of such changes. Any products or technical information provided under this Agreement may be subject to U.S. export controls and the trade laws of other countries. You agree to comply with all export control regulations and to obtain any required licenses or classification to export, re-export or import deliverables. You agree not to export or re-export to entities on the current U.S. export exclusion lists or to any embargoed or terrorist countries as specified in the U.S. export laws. You agree to not use deliverables for prohibited nuclear, missile, or chemical biological weaponry end uses. See the Novell International Trade Service Web page (http://www.novell.com/info/exports/) for more information on exporting Novell software.
    [Show full text]
  • Shared Resource Matrix Methodology: an Approach to Identifying Storage and Timing Channels
    Shared Resource Matrix Methodology: An Approach to Identifying Storage and Timing Channels RICHARD A. KEMMERER University of California, Santa Barbara Recognizing and dealing with storage and timing channels when performing the security analysis of a computer system is an elusive task. Methods for discovering and dealing with these channels have mostly been informal, and formal methods have been restricted to a particular specification language. A methodology for discovering storage and timing channels that can be used through all phases of the software life cycle to increase confidence that all channels have been identified is presented. The methodology is presented and applied to an example system having three different descriptions: English, formal specification, and high-order language implementation. Categories and Subject Descriptors: C.2.0 [Computer-Communication Networks]: General--se- curity and protection; D.4.6 ]Operating Systems]: Security and Protection--information flow controls General Terms: Security Additional Key Words and Phrases: Protection, confinement, flow analysis, covert channels, storage channels, timing channels, validation 1. INTRODUCTION When performing a security analysis of a system, both overt and covert channels of the system must be considered. Overt channels use the system's protected data objects to transfer information. That is, one subject writes into a data object and another subject reads from the object. Subjects in this context are not only active users, but are also processes and procedures acting on behalf of the user. The channels, such as buffers, files, and I/O devices, are overt because the entity used to hold the information is a data object; that is, it is an object that is normally viewed as a data container.
    [Show full text]
  • Shared Resource
    Shared resource In computing, a shared resource, or network share, is a computer resource made available from one host to other hosts on a computer network.[1][2] It is a device or piece of information on a computer that can be remotely accessed from another computer transparently as if it were a resource in the local machine. Network sharing is made possible by inter-process communication over the network.[2][3] Some examples of shareable resources are computer programs, data, storage devices, and printers. E.g. shared file access (also known as disk sharing and folder sharing), shared printer access, shared scanner access, etc. The shared resource is called a shared disk, shared folder or shared document The term file sharing traditionally means shared file access, especially in the context of operating systems and LAN and Intranet services, for example in Microsoft Windows documentation.[4] Though, as BitTorrent and similar applications became available in the early 2000s, the term file sharing increasingly has become associated with peer-to-peer file sharing over the Internet. Contents Common file systems and protocols Naming convention and mapping Security issues Workgroup topology or centralized server Comparison to file transfer Comparison to file synchronization See also References Common file systems and protocols Shared file and printer access require an operating system on the client that supports access to resources on a server, an operating system on the server that supports access to its resources from a client, and an application layer (in the four or five layer TCP/IP reference model) file sharing protocol and transport layer protocol to provide that shared access.
    [Show full text]
  • Cisco Router Block Wan Request
    Cisco Router Block Wan Request Equalitarian Fletcher sometimes daggled any aftershock unchurch conceptually. Computational Felix never personifies so proficiently or blame any pub-crawl untunably. Precedential and unsupervised Scott outspoke while cephalic Ronny snag her midlands weak-mindedly and kotows unsafely. Can you help me? Sometime this edge can become corrupted and needs to be cleared out and recreated. Install and Tuning Squid Proxy Server for Windows. Developed powerful partnerships with each physical network address on wan request. Lot we need to wan request to establish a banner for each nic ip blocks java applets that you find yourself having different. Proxy will obscure any wan cisco require a banner for yourself inside network address in its child and password: select os of attacks? Authorized or https, follow instructions below and see if a cisco and share your isp and sends vrrp advertisements, surf a traveling businesswoman connects after migration done on. Iax trunk on vpn for ospf network devices and how will have three profiles to be found over time a routing towards internet security profile. Pfsense box blocks as your wan cisco router request cisco router block wan requests specifically for commenting. Centralize VLAN, outbound policy, firewall rules, configuration profiles and more in minutes. Uncheck block cisco router wan request check box displays detailed statistics: wan request through our go. Fragmentation is choppy and asa would be the cisco request to content; back of connect wan rules for outside world? Is to configure static content on the result in theory this may block cisco wan router request check out ping requests.
    [Show full text]
  • Br-Asi01 Br-Asx01
    BR-ASI01 BR-ASX01 Data Comm for Business, Inc. 807 Pioneer Street Champaign, IL 61820 217-352-3207 Rev. Date: October 17, 1996 This manual applies to both the “I” and “X” router models. The “I” model (BR-ASI01) is single protocol TCP/IP only. The “X” model (BR-ASX01) is a multi-protocol router that routes TCP/IP, IPX, DECnet, and Appletalk. When using this manual with “I” model router, ignore the manual sections pertaining to protocols other than TCP/IP. CHAPTER 1 - INTRODUCTION 7 ABOUT THE BR ROUTER 7 Getting Started 7 Hardware Installation 7 RouterView Software Installation 8 Command Line Preparation 8 Quickstart Configuration 8 Appendices and Index 8 CHAPTER 2 - GETTING STARTED 9 A FEW NOTES 9 Please Read The Manuals 9 Warranty and Service 9 Getting Help With the BR Router 9 WHAT YOU WILL NEED TO GET STARTED 9 Supplied with the BR Router 9 Needed For Installation 10 Ethernet Connection Requirements 10 Thick Ethernet 10 Thin Ethernet 10 10Base-T Twisted-Pair Ethernet 10 Telco Line Connection Requirements 11 RS-232 Port 11 CHAPTER 3 - HARDWARE INSTALLATION 13 Mounting the Router 13 Connecting the Router to the Ethernet 14 Connecting to Thick Ethernet 14 Connecting to Thin Ethernet 14 Connecting to Twisted-Pair Ethernet 14 Connecting a Line Device to the BR Router 14 Connecting Devices to the RS-232C Port 15 Connecting an Out-of-Band Management Console 15 Powering Up the Router 15 CHAPTER 4 - ROUTERVIEW SOFTWARE INSTALLATION 17 RouterView for Windows 17 System Requirements 17 Installing and Running RouterView for Windows 17 RouterView
    [Show full text]
  • Discussion Chapter#9 Services of Data-Link
    The Islamic University of Gaza ECOM 4314: Data Communication Faculty of Engineering Instructor: Dr. Aiman Abu Samra Department of Computer Engineering T.A.: Eng. Alaa O. Shama Discussion Chapter#9 The data-link layer of a node (host or router) is responsible for delivering a datagram to the next node in the path. The data-link layer is located between the physical and the network layers. The datalink layer provides services to the network layer; it receives services from the physical layer. data-link layer of the source host needs only to encapsulate the datagram received from the network in a frame, the data-link layer of the destination host needs to decapsulate the datagram from the frame, but each intermediate node needs to both encapsulate and decapsulate, because each link may be using a different protocol with a different frame format. Even if one link and the next are using the same protocol, encapsulation and decapsulation are needed because the link-layer addresses are normally different. Services of Data-Link: 1. Framing The data-link layer at each node needs to encapsulate the datagram (packet received from the network layer) in a frame before sending it to the next node. The node also needs to decapsulate the datagram from the frame received on the logical channel. 2. Flow control If the rate of produced frames is higher than the rate of consumed frames, frames at the receiving end need to be buffered while waiting to be consumed (processed). Definitely, we cannot have an unlimited buffer size at the receiving side.
    [Show full text]
  • AWS Site-To-Site VPN User Guide AWS Site-To-Site VPN User Guide
    AWS Site-to-Site VPN User Guide AWS Site-to-Site VPN User Guide AWS Site-to-Site VPN: User Guide Copyright © Amazon Web Services, Inc. and/or its affiliates. All rights reserved. Amazon's trademarks and trade dress may not be used in connection with any product or service that is not Amazon's, in any manner that is likely to cause confusion among customers, or in any manner that disparages or discredits Amazon. All other trademarks not owned by Amazon are the property of their respective owners, who may or may not be affiliated with, connected to, or sponsored by Amazon. AWS Site-to-Site VPN User Guide Table of Contents What is Site-to-Site VPN ..................................................................................................................... 1 Concepts ................................................................................................................................... 1 Working with Site-to-Site VPN ..................................................................................................... 1 Site-to-Site VPN limitations ......................................................................................................... 2 Pricing ...................................................................................................................................... 2 How AWS Site-to-Site VPN works ........................................................................................................ 3 Site-to-Site VPN Components .....................................................................................................
    [Show full text]
  • Networking Standards Mark Davies, Digital Equipment Corporation
    N92-12499 Networking Standards Mark Davies, Digital Equipment Corporation ABSTRACT The enterprise network is currently a multivendor environment consisting of many defacto and proprietary standards. During the 1990s, these networks will evolve towards networks which are based on international standards in both the LAN and WAN space. Also, you can expect to see the higher level functions and applications begin the same transition. The Open Network Advantage Market Requirements OPEN NETWORKS!!! Multi-protocol, multi-platform, multi-vendor networks working together International AND defacto standards Effortless communications within and between enter- prises Ability to move to standards at own pace What is an Open System? Defined as: A vendor-neutral computing environment: - compliant with International and defacto standards - permits system and network interoperability or software applications portability - includes consistency of data and human access - satisfies one or more of a business's functional requirements Standards Benefits from networks based on international and defacto standards o Vendor independence o Applications portability o Investment protection o Improved communications leading to increased productivity o Network flexibility 13DSDDED Network Architectures: DECnet, OSI, TCP/IP DECnet OS) IP Application Application Internet Applications Protocols Presentation DMA Session Control Session Transport Transport Transport (NSP) (TP 0,2,4) (TCP / UDP) Network Network Network (CLNS) (CLNS/CONS) (IP) Data Link Data Link Data Link
    [Show full text]
  • IOS XR Attestation Trust Me, Or Trust Me Not?
    IOS XR Attestation Trust me, or Trust me not? Dan Backman, Portfolio Architect @jonahsfo BRKSPG-1768 Cisco Webex Teams Questions? Use Cisco Webex Teams to chat with the speaker after the session How 1 Find this session in the Cisco Events Mobile App 2 Click “Join the Discussion” 3 Install Webex Teams or go directly to the team space 4 Enter messages/questions in the team space BRKSPG-2415 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 3 Agenda • Risks to the Network Infrastructure • Measuring and Validating Trust in Cisco IOS-XR routers • New commands for Trust Integrity Measurement in IOS XR • Building a Service to Report on Trust Evidence • Conclusion BRKSPG-2415 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 4 Trusted Platform “Integrity, not just security.” © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public “Network devices are ideal targets. Most or all organizational and customer traffic must traverse these critical devices.” Source: US-CERT Alert (TA18-106A) Original release date: April 16, 2018 “The Increasing Threat to Network Infrastructure Devices and Recommended Mitigations.” Source: US-CERT Alert (TA16-250A) Original release date: Sep 6, 2016 BRKSPG-2415 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 6 Growing Concerns for Service Providers Targeted attacks on Critical Infrastructure Impact on Economy Untrusted Locations Complex to Manage BRKSPG-2415 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 7 How do I know my device has not been compromised? What is Trustworthy and Why Does It Matter? To build a trustworthy platform The network infrastructure must be constructed on a platform of trustworthy technologies to ensure devices operating are authentic and can create verifiable evidence that they have not been altered.
    [Show full text]
  • Frequently Asked Questions
    Frequently Asked Questions Q. How can I use the city’s Wi-Fi network? A. BellevueConnect uses the Wi-Fi standard (also known as IEEE 802.11b or g). Your laptop may have wireless built-in, or you can add a Wi-Fi compatible network card to it. Most users can simply bring their wireless-enabled laptop computer or other wireless device and turn it on. Q. How do I connect to the internet through the wireless network? A. Wireless access points, located throughout the buildings, communicate with your wireless device. You should be able to connect anywhere in the public areas. When your wireless network card senses the BellevueConnect, the city’s Wi-Fi BellevueConnect signal, a message appears on the network, is open to all City Hall, South screen indicating the wireless network is available. If Bellevue Community Center, Highland there are multiple wireless networks detected, you Community Center, Crossroads will need to select the BellevueConnect network Community Center and North Bellevue to connect. Open your web browser and it should Q. Is my information safe while using wireless? Community Center visitors free of automatically connect to the Internet. A. BellevueConnect does not provide security or confidenti- charge. There are no preauthorization Q. Will I need any special settings or passwords to con- ality for your computer or data. Connecting your com- (or approval) requirements, although nect? puter to the Internet via BellevueConnect could exposes it you will be asked to accept a policy A. No. BellevueConnect is open to all users who accept the to the same viruses and other security risks as any Internet statement on acceptable use prior to City’s acceptable use policy.
    [Show full text]