CCNA SECURITY – Securing switch ports with the switchport command
Introduction to Port Security
Overview of Port Security
- The discussion begins with an introduction to port security, emphasizing its role in preventing unauthorized devices from using a switch port.
- The speaker uses the switchport port-security family of interface commands to apply these controls.
Port Security Command
- The port-security feature is introduced as a method for controlling access by filtering frames on their source MAC address at the switch port.
- It highlights the threat of a malicious or careless employee plugging an unauthorized device (a personal laptop, a rogue access point, a second switch) into the network.
Configuring MAC Addresses
Static vs. Dynamic MAC Addressing
- Two methods for defining the allowed MAC addresses are discussed: static and dynamic.
- In static mode the administrator types each allowed MAC address by hand; in dynamic mode the switch learns the addresses from the first frames it sees on the port, up to the configured maximum.
Violation Cases and Switch Behavior
Modes of Operation During Violations
- The speaker first explains two of the violation modes: protect and restrict.
- In protect mode, frames from an unknown source MAC address are silently dropped: no syslog message, no SNMP trap, and the violation counter is not incremented. In restrict mode the frames are dropped as well, but the switch increments the violation counter, logs the event and sends an SNMP trap.
Shutdown Mode
- The third option, shutdown mode (the default), puts the port into the err-disabled state on the first violation and sends a syslog message and SNMP trap; the port stays down until an administrator re-enables it or err-disable recovery is configured.
Steps for Securing Ports
Configuration Steps
- The process begins with enabling port security on the interface with the switchport port-security command.
- The port must first be a static access port (switchport mode access) or a statically configured trunk; enabling port security on a port whose mode is still dynamically negotiated (DTP) is rejected by the switch.
Setting Maximum Addresses and Reaction Modes
- It's crucial to define the maximum number of MAC addresses allowed on a port based on network usage needs.
- Administrators can choose how the switch reacts during a violation (protect, restrict, or shutdown).
Practical Demonstration
Live Configuration Example
- A practical demonstration is provided using Cisco equipment where three PCs are connected to illustrate securing one specific port against unauthorized access.
- The configuration steps include activating the port and setting it up correctly within Cisco's Packet Tracer environment.
This structured approach provides clarity on key concepts surrounding port security while allowing easy navigation through timestamps for further exploration.
Configuration of Switch Port Security
Defining Reaction Modes for Violations
- The discussion begins with defining the reaction mode in case of a violation, emphasizing that this choice is part of the configuration.
- It is suggested to define the allowed MAC address statically first, before exploring dynamic learning.
Command Line Interface Usage
- Instructions are provided on using the command line, starting with ipconfig on the PCs to read their IP and MAC configuration.
- The switchport port-security mac-address command is then introduced to pin the allowed MAC address to the port.
Dynamic and Static Addressing
- The speaker explains how to configure dynamic address learning (the transcript garbles the name of the method as "TQM"); dynamic learning is the behaviour once port security is enabled without a static address, and the sticky variant discussed later keeps the learned addresses in the configuration.
- It is noted that by default the violation mode is shutdown, which can be changed if desired.
Understanding Violation Modes
- Three modes of violation are discussed: protect, restrict, and shutdown. Each mode has different implications for network security.
- Because shutdown is the default, it does not appear in the running configuration; only a non-default violation mode is shown, so the absence of a violation line must not be read as "no reaction configured".
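The configuration procedure described above (access mode, enable, maximum, violation mode, static address), as an added example on a Cisco IOS switch; it is not the video's own configuration, and the interface FastEthernet0/1 and the MAC address 0001.4242.abcd are assumed for illustration:

```cisco
! Added example: secure one access port for a single, statically defined host.
! Interface name and MAC address are assumed, not taken from the video.
Switch> enable
Switch# configure terminal
Switch(config)# interface FastEthernet0/1
! Port security is rejected on a dynamic (DTP) port: force static access mode first.
Switch(config-if)# switchport mode access
! Enable the feature, then set the limit and the reaction to a violation.
Switch(config-if)# switchport port-security
Switch(config-if)# switchport port-security maximum 1
! shutdown is the default; set restrict here so the port stays up but drops and logs offenders.
Switch(config-if)# switchport port-security violation restrict
! Static entry: only this source MAC may send frames on the port.
Switch(config-if)# switchport port-security mac-address 0001.4242.abcd
Switch(config-if)# end
! Check what actually took effect.
Switch# show running-config interface FastEthernet0/1
```

Illustrative running-config output for that interface (constructed, not captured from a device): only the non-default lines appear, so `maximum 1` is absent because 1 is the default, and `violation shutdown` would likewise be absent had the default been kept. Only `restrict` shows up because it was changed.

```cisco
interface FastEthernet0/1
 switchport mode access
 switchport port-security
 switchport port-security violation restrict
 switchport port-security mac-address 0001.4242.abcd
```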
Testing Configuration Changes
- A practical example is given where the cable on the secured port is moved from PC1 to PC3, showing the switch's reaction in real time.
- The speaker configures PC3 with an IP address in the same subnet as the other PCs (192.168.1.0/24), so that any failure is due to port security and not to addressing.
Connectivity Verification
- After configuring addresses, connectivity tests are performed using ping commands between PCs.
- A failed ping request indicates that unauthorized devices cannot communicate through the switch port due to security settings.
Importance of Port Security
- Emphasis is placed on ensuring only authorized machines can connect at designated ports as a means of enhancing network security.
Sticky MAC Address Learning
- Sticky MAC learning is introduced: the switch learns source addresses dynamically, but writes them into the running configuration as sticky entries, so they persist across reloads once the configuration is saved.
Re-enabling Ports After Violations
- Instructions are provided on re-enabling a port that shutdown mode left in the err-disabled state: after removing the offending device, the interface is administratively shut and brought back up, or automatic err-disable recovery is configured.
Finalizing Configurations
- Maximum MAC address limits are set during configuration processes as part of enhancing port security measures.
Saving Configurations Permanently
- Discussion concludes with instructions on saving configurations permanently so that they persist across reboots or power cycles.
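The sticky learning, err-disable recovery and save steps from the passages above, as an added example (not the video's own commands); interface FastEthernet0/2, a maximum of two hosts and the 300-second recovery interval are assumed, and whether errdisable recovery is available in Packet Tracer is also an assumption, so treat those two lines as real-IOS behaviour:

```cisco
! Added example: sticky learning on a port shared by two hosts, then recovery and save.
! Interface and counts are assumed, not taken from the video.
Switch# configure terminal
Switch(config)# interface FastEthernet0/2
Switch(config-if)# switchport mode access
Switch(config-if)# switchport port-security
Switch(config-if)# switchport port-security maximum 2
Switch(config-if)# switchport port-security violation shutdown
! Sticky: the first two source MACs seen are learned and added to running-config as
! "switchport port-security mac-address sticky <mac>" lines. Nothing is learned until
! the hosts actually send traffic (a ping from each PC is enough).
Switch(config-if)# switchport port-security mac-address sticky
Switch(config-if)# end

! After a third device causes a violation, the port is err-disabled. Confirm:
Switch# show interfaces FastEthernet0/2 status

! Manual recovery, once the offending device has been unplugged: bounce the interface.
Switch# configure terminal
Switch(config)# interface FastEthernet0/2
Switch(config-if)# shutdown
Switch(config-if)# no shutdown
Switch(config-if)# exit

! Optional automatic recovery (assumed supported on the target IOS): retry every 300 s.
Switch(config)# errdisable recovery cause psecure-violation
Switch(config)# errdisable recovery interval 300
Switch(config)# end

! The sticky entries and the port-security settings survive a reload only if saved.
Switch# copy running-config startup-config
```

Bouncing the port clears the err-disabled state but not the sticky entries, so a device that was learned before the violation is still the only one allowed afterwards; to admit a replacement host, remove its predecessor's sticky line with the `no` form of the command before bringing the port back up.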
Understanding Port Security and Violation Modes
Introduction to Port Security
- The discussion begins with a scenario where PC2 is replaced by PC3 on the secured port, to observe the violation when the unauthorized host tries to communicate.
- It is emphasized that the hosts must generate traffic: the switch learns a source address only when it sees a frame carrying it, so until the authorized host has sent something no address is secured and the policy cannot take effect.
Learning Addressing and Blocking Ports
- Once the switch has learned the authorized address, frames from any other source on that port violate the policy and are dropped (or the port is disabled, depending on the mode).
- Unlike the earlier case where the port was shut down, this scenario uses the less drastic restrict mode configured for the exercise: the port stays up, offending frames are dropped and the violation counter is incremented.
Verifying Network Security Policies
- To check for malicious users violating security policies, one can access the switch's configuration settings.
- The show port-security command lists every secured port with its maximum address count, the number of addresses currently secured, the violation count and the configured action.
Detailed Configuration Insights
- The table reports, per port, the maximum and current secure address counts, the violation count and the Security Action taken on a violation (protect, restrict or shutdown).
- A more detailed view for one port is given by show port-security interface, which also shows the port status (secure-up or secure-shutdown), the number of configured and sticky addresses, and the last source address seen on the port.
Understanding Port Security Settings
- Key aspects of port security include enabling security features, defining violation modes (e.g., restrict), and setting maximum addresses allowed on each port.
- The importance of identifying MAC addresses involved in violations is highlighted along with tracking violation counts for better network management.
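The verification commands discussed above, as an added example that is not from the video. The output is constructed to show the fields a practitioner reads; the port name Fa0/1, the counts and the MAC addresses are illustrative, not captured from a device:

```cisco
! Added example: checking for violations. Output below is illustrative, not real capture.
Switch# show port-security
Secure Port  MaxSecureAddr  CurrentAddr  SecurityViolation  Security Action
                (Count)       (Count)          (Count)
---------------------------------------------------------------------------
      Fa0/1              1            1                  3         Restrict
---------------------------------------------------------------------------
Total Addresses in System (excluding one mac per port)     : 0
Max Addresses limit in System (excluding one mac per port) : 1024

! Per-interface detail: mode, status, counts and the last offending source MAC.
! In protect mode the violation counter stays at 0 even while frames are dropped,
! so a zero here is not proof that nothing unauthorized was plugged in.
Switch# show port-security interface FastEthernet0/1
Port Security              : Enabled
Port Status                : Secure-up
Violation Mode             : Restrict
Aging Time                 : 0 mins
Aging Type                 : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses      : 1
Total MAC Addresses        : 1
Configured MAC Addresses   : 1
Sticky MAC Addresses       : 0
Last Source Address:Vlan   : 0001.9999.5555:1
Security Violation Count   : 3

! Which MACs are secured on which port, and how each was learned
! (SecureConfigured = static, SecureDynamic = learned, SecureSticky = sticky).
Switch# show port-security address
               Secure Mac Address Table
-----------------------------------------------------------------------------
Vlan    Mac Address       Type                          Ports   Remaining Age
                                                                   (mins)
----    -----------       ----                          -----   -------------
   1    0001.4242.abcd    SecureConfigured              Fa0/1        -
-----------------------------------------------------------------------------
Total Addresses in System (excluding one mac per port)     : 0
Max Addresses limit in System (excluding one mac per port) : 1024
```

The field to act on is Last Source Address:Vlan: it names the MAC that last triggered a violation, which is what you correlate against the inventory to find the unauthorized device. In shutdown mode Port Status reads Secure-shutdown instead, and the interface must be re-enabled before the counters resume.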
Conclusion and Learning Outcomes
- The session concludes with an encouragement to explore further commands discussed, emphasizing their utility in understanding network security.