Putting 2 & 2 Together. By Stephen Dugan, CCSI [email protected] Introduction. Welcome to the presentation and Thank you for coming! Who is the speaker? What is the focus of the presentation?. Introduction Section 1 – Current Design Best Practices
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
Welcome to the presentation
Thank you for coming!
Section 1 – Current Design Best Practices
Section 2 – Emerging Design Practices
Current Design Model
Layer 2 or Layer 3
Security could be stronger….
L2 Functions that provide security:
L3 Functions that provide security:
ACLs at Distribution Layer:
Ingress - Egress from Core
Network Based IDS (if used?!?)
Hard issues to Address with this design:
Emerging Changes to Design Model
Main Changes is focusing around bringing the Layer 3 Routing functionality close to the end stations.
Routing to Desktop
Core L2 or L3
From the Physical Layout it looks the same (Good news no Rewire!)
With L3 Capabilities within the
HSRP isn’t needed
STP is irrelevant
Routing to Distribution Layer
Concept of “Private-VLANs” can
be implemented easily
Security Problems Solved:
ROOT Take over
HSRP MiTM Attack (or DOS)
Better QOS handling (NBAR)
OSPF or EIGRP
OSPF or EIGRP
Special thanks to
Jeff Moss, Keith Myers and the rest of the Black Hat Crew.