C. (Cisco switch troubleshooting). (cisco switch security)



Index


[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X]

capture command
capturing
     debug command output
     IPS traffic
         on hub
         on MPLS IP IDS
         on RSPAN
         on SPAN
         on VACL
     packets on FWSM
     sniffer traces
"cascade" replication
case studies
     Hairpinning, configuring
     PEAP configuration 2nd
     RADIUS configuration on Cisco IOS routers
     troubleshooting VPDN on Cisco IOS routers
     user permissions on Router MC
         ACS roles 2nd
         CiscoWorks Server roles
     VPDN configuration on Cisco IOS routers
Catalyst 2900/3500XL switches, configuring IPS traffic capture with SPAN
Catalyst 2900/3600XL switches, configuring SPAN
Catalyst 2950 switches, configuring IPS traffic capture with SPAN
Catalyst 2950/3550 and 3750 switches, configuring SPAN
Catalyst 3550 switches, configuring IPS traffic capture with SPAN
Catalyst 3750 switches, configuring IPS traffic capture with SPAN
Catalyst 4000/6000 switches running CatOS, configuring SPAN
Catalyst 4000/6000 switches running Native IOS, configuring SPAN
Catalyst 6500, IDSM-2 blade
     Command and Control port, configuring
     event generation, troubleshooting
     front panel indicator lights
     hardware issues on CatOS, troubleshooting
     hardware issues on Native IOS, troubleshooting
     hardware requirements
     installing
     Maintenance Partition, upgrading
     Promiscuous mode
         configuring
         troubleshooting
     re-imaging
     removing from switch
     serial cable, connecting
     signature update, installing
     slot assignment
     sniffing ports
     supported ports
     TCP reset
     upgrading to version 5.x
     user passwords, recovering
     VACL Capture
     versus IDS Appliance
categorizing CS ACS problem areas
CatOS, Native IOS show commands
CBAC (Context-Based Access Control)
     Active FTP connections, handling
     anti-spoofing configuration, best practices
     asymmetric routing, troubleshooting
     Cisco IOS code base, upgrading
     connection states
     connectivity, troubleshooting
     CPU utilization, verifying
     FAQs
     half-open connections, manipulating threshold values
     HTTP inspection, verifying dropped packets
     interaction with IPsec
     interoperability with NAT
     IP fragmentation, mitigating
     Java blocking, configuring
     misconfigured ACLs, troubleshooting
     misconfigured IP inspection, troubleshooting
     misconfigured NAT, troubleshooting
     multi-channel protocols
         inspecting 2nd
         securing
     packet drops, troubleshooting
     packet flow across routers
     performance, troubleshooting
     protecting inside network
     router security configuration, best practices
     single channel protocol inspection
         application-layer protocols
         ICMP
         SMTP
         UDP
     switching path, troubleshooting performance issues
     TCP SYN flood attacks, mitigating
     troubleshooting
     UDP connection timeout, selecting
     UDP inspection, troubleshooting
     URL filtering
         configuring
         troubleshooting
CEP (Certificate Enrollment Protocol), PKI
     configuring
     troubleshooting
CFG directory (CSA MC)
challenge-response-based authentication
changing database maximum event limit
check pointing CiscoWorks Common Services database
checking status of Firewall MC processes
CIDEE (Cisco Intrusion Detection Event Exchange)
CIFS access, configuring on VPN 3000 Concentrator series
circular blocks
Cisco AV-Pairs
Cisco IOS routers
     AAA
         accounting, configuring
         Auth-proxy, troubleshooting
         command authorization
         dial-up networking, troubleshooting
         exec authorization
         router management, troubleshooting
         VPDN case study
         X-Auth, troubleshooting
     IPsec VPNs
         PKI, troubleshooting
         Remote Access client VPN connections, troubleshooting
     NM-CIDS, managing
     RADIUS configuration, case study
     VPDN troubleshooting, case study
     VPNs, DMVPN
Cisco IOS Software, upgrading code base on CBAC routers
Cisco PIX firewalls [See PIX firewalls.]
Cisco Secure ACS mode (CiscoWorks Common Services)
Cisco Security Agent Management Center (CSA MC) license key
Cisco switches
     AAA
         802.1x FAQs
         authorization, troubleshooting
         IBNS
         PEAP configuration, case study
         switch management 2nd
     IBNSs
         IEEE 802.1x framework
CiscoWorks Common Services database
     backing up
     FAQs
     installing
         database management
         minimum requirements
         problems, troubleshooting
         user management issues
     license key, upgrading
     licenses, troubleshooting
     managing, best practices
     MDCSUPPORT
         files collected by
     MDCSupportInformation.zip file, file summary
     Privileges
     resolving DNS errors
     restore procedures 2nd
     Roles
     running on multi-homed machines
     user authentication, case study
     user management
CiscoWorks Common Services Desktop, launching on browser
CiscoWorks MDCSupportInformation.zip, file contents
classifier
clear crypto sa command
CLI (command-line interface)
     IPS sensors, licensing
clientless SSL VPN mode (VPN 3000 Concentrator series)
     configuring
     troubleshooting
closing NM-CIDS sessions
cluster redundancy on VPN 3000 Concentrator series
collecting MDCSupport file on Windows platform
combined sensor mode (IPS)
Command and Control port
     on IDSM-2
         5-minute output rate, checking
         configuring
     on NM-CIDS
         configuring
command authorization, troubleshooting on Cisco routers
commands
     capture
     clear crypto sa
     debug
     debug aaa accounting
     debug aaa authentication
     debug aaa authorization
     debug application-protocol
     debug commands, FWSM-related
     debug fixup tcp|udp
     debug icmp trace
     debug ip inspect
     debug pix process
     debug sanity
     debug tunnel
     diagnostic level complete
     for PIX flash file system
     intrusion-detection module
     ip port-map
     iplog
     nslookup
     packet
     ping
     recover application-partition
     service-module, connecting to NM-CIDS
     show aaa servers
     show aaa user
     show accounting
     show asp drop
     show authorization
     show blocks
     show commands
         for IPsec Phase 1 tunnel negotiations
         for IPsec Phase 2 tunnel negotiations
         FWSM-related
     show configuration
     show connection
     show cpu usage
     show crypto ipsec
     show crypto map
     show dot1x all
     show dot1x statistics
     show events
     show interfaces
     show ip inspect
     show local-host
     show localusers
     show module
     show output filters
     show radius
     show radius statistics
     show running config 2nd
     show running logging
     show security acl
     show service-policy 2nd
     show span
     show statistics
     show tacacs 2nd
     show tech-support 2nd
     show test
     show traffic
     show trunk
     show users
     show version 2nd 3rd 4th
     show vlan brief
     show xlate
     tcpdump
     telnet
     time-range
     traceroute
     winmsd
common services license key
commonly asked questions [See 802.1x, FAQs.]
communication architecture
     for CSA MC
     of Firewall MC
     of Router MC
     on IDS MC
communication protocols
     RADIUS
         authentication operation
         authorization operation
         configuring, case study
     TACACS+
         AAA packet flows
         accounting operation
         authentication operation
         authorization operation
         versus RADIUS
compacting
     CiscoWorks Common Services database
     CS ACS database
     CSA MC database
comparing RADIUS and TACACS+
compilation process for ACLs on FWSM
components of CSA 2nd
Conduit to Access-list Converter
configuration files
     for VPN 3000 Concentrator series
     sysvars.cf
configuring
     AAA
         best practices
         on Cisco switches, enable password authentication
     accounting
         on Cisco IOS routers
         on Cisco switches
     active/active failover on PIX Firewall
     alerts
     audits
     auth-proxy
     basic router security, best practices
     blocking
     CBAC anti-spoofing, best practices
     clientless SSL VPN mode on VPN 3000 Concentrator series
     Command and Control interface (NM-CIDS)
     connectivity
         on FWSM
         on PIX Firewall
     CS ACS
         AAA Client definition for VPN 3K
         domain controller mode
         replication 2nd
     email notification
     Firewall MC, Recovery Server
     FWSM
         failover
         multiple SVI interfaces 2nd
     GRE over IPsec
     Hairpinning
     IDM sensors, trusted hosts
     IDS MC, best practices
     IDSM-2
         Command and Control port
         Promiscuous mode
     IPS sensor, Inline mode
     IPsec LAN-to-LAN VPN tunnels 2nd
         crypto maps, creating
         transform sets
         tunnel groups
     IPsec over TCP
     Java blocking
     LAN-to-LAN tunnels on VPN 3000 Concentrator series
     LLQ on PIX Firewall
     local user authentication on VPN 3K
     login authentication
     MAPI Proxy on VPN 3000 Concentrator
     MBS
     MPLS IP IDS, IPS traffic capture
     NARs 2nd
     NAT-T
     NDS database with CS ACS
         troubleshooting
     NM-CIDS, time stamping
     packet capturing on NM-CIDS
     PEAP
         case study 2nd
         Machine Authentication
     PIX Firewall
         multiple context mode
         policing
         Remote Access VPN
     PKI
     RADIUS
         dynamic filters
         on Cisco IOS routers, case study
     Remote Access VPN connections on VPN 3000 Concentrator series
     RSPAN, IPS traffic capture
     sensors
         on IDS MC
         shunning, case study
     SPAN
         IPS traffic capture
         on Catalyst 2900/3600XL
         on Catalyst 2950/3550 and 3750
         on Catalyst 4000/6000 running CatOS
         on Catalyst 4000/6000 running Native IOS
     Split Tunneling
     SSL VPN on VPN 3000 Concentrator, Thick Client mode
     syslog on PIX Firewall
     TACACS+ on VPN 3K
     traceback on PIX Firewall
     transparent firewalls
         on PIX Firewall
     URL filtering
     VACL, IPS traffic capture
     VPN 3000 Concentrator series
         Cisco Secure ACS
         event classes
         group authentication with RADIUS
         Group feature
         Group Lock feature
         local group and user authentication
         RADIUS Server
     Windows NT/2000 Authentication, Unknown User Policy
connecting
     IPS sensor to network
     serial cable to IDSM-2
     to NM-CIDS console
connection block
connection states, CBAC
connectivity
     on CBAC, troubleshooting
     on FWSM
         configuring
         troubleshooting 2nd
     on IPS sensors, troubleshooting
     on PIX Firewall
         configuring
         displaying details
         troubleshooting
     testing with ping command
console access to NM-CIDS, troubleshooting
console port (NM-CIDS)
Context-Based Access Control [See CBAC (Context-Based Access Control).]
CONTINUE packets (TACACS+)
control connection
cooperation between SecOP and NetOP personnel
core dumps
     generating
         with Flash disk
         with FTP
         with rcp
         with TFTP
     testing configuration of
corrupt IDS MC licenses, troubleshooting
CP (control plane), FWSM architecture
CPU utilization
     on CBAC, verifying
     on FWSM, troubleshooting
     on PIX Firewall
         displaying
         troubleshooting
Cr directory (CSA MC)
creating
     buffer overflow exclusions
     crypto maps for LAN-to-LAN tunnels
     database rules
     DMVPN spoke-to-spoke tunnels
     dump text files
     dynamic crypto maps
     exceptions
     securitylog.txt file
     transform sets
CRSHDUMP.TXT file
Crypto Errors (CS ACS), resolving
crypto maps, creating for LAN-to-LAN tunnels
crypto socket creation problems (NHRP), troubleshooting
cryptographic algorithms
cryptographic-based authentication (EAP)
CS ACS (Cisco Secure Access Control Server)
     AAA Client definition for VPN 3K, configuring
     Active Directory integration
     application-specific roles
     as proxy server
     associated registries
     backing up
     best practices
     categorizing problem areas
     configuring
     database, compacting
     default NAS, adding
     domain controller mode, configuring
     domain stripping
     external user database integration, required components
     FAQs
     GUI, recovering lost passwords
     installing on Windows platform
     "Logged in Users" report
     NARs
         configuring 2nd
         troubleshooting
     NASs, bulk importing
     Novell IDS integration
         troubleshooting
     packet flow
     password encryption
     RADIUS Server, communicating with VPN 3K
     replication
         configuring 2nd
         troubleshooting
     SDI integration
         troubleshooting
     services, CSAdmin
     setup procedures for Router MC
     Shared File Components
     uninstalling
     upgrading on Windows platform
     user names, defining
     user/NAS import options
         exporting user and group information
         importing NAS to CS ACS database
         importing users to existing database
     users, deleting
CSA Agent
     application issues, troubleshooting
     communication with CSA MC, troubleshooting
     csainfo.bat utility
     debug mode, turning on
     disk usage, monitoring
     installation
         minimum requirements
         troubleshooting 2nd
     license, procuring
     log files
     policies
     polling issues, troubleshooting
     registration, troubleshooting
     removing from Windows systems
     rtrformat utility
     shims, disabling
     software, procuring
     stopping service
     update issues, troubleshooting
CSA MC (Cisco Security Agent Management Console)
     communication architecture
     database
         compacting
         manual backups, performing
         purging events from
         repairing
         restoring
     database maintenance
     default installation directory
     directory structure
     disaster recovery
     DRP
     installation
         best practices
         minimum requirements
         troubleshooting
     launching
         problems with, troubleshooting
         slow launches, troubleshooting
     license key, installing
     licenses
         importing
         procuring
         troubleshooting
     local database installation, troubleshooting
     log directory
     log files
     management model
     manually removing components
     registration
     remote database installation, troubleshooting
     uninstalling
     upgrading
         on same system
         on separate system
CSAdmin
csainfo.bat utility
csalog.txt file
csauser.dll, disabling
CSAuth
CSDBSync
CSLog
CSMon
CSRadius service
CSSupport utility, files included in Package.cab file
CSTacacs service
csutil.exe 2nd
     options



Cisco Network Security Troubleshooting Handbook
Cisco Network Security Troubleshooting Handbook
ISBN: 1587051893
EAN: 2147483647
Year: 2006
Pages: 190
Authors: Mynul Hoda

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net