08-24-2015 05:32 AM - edited 03-05-2019 02:08 AM
Hi,
Is there a way to test the network segmentation (procedure, tool...), in order to check the security vulnerabilities in the network (the network is based on the Cisco infrastructure)?
08-24-2015 06:28 AM
You could use a network/IP scanner in order to test what IP addresses can be reached on what ports from a specific point in the network.
However be very careful as these types of tests can saturate your network.
08-24-2015 07:11 AM
Could you please explain more? For example, I have two networks, 192.168.141.0/24 and 192.168.142.0/24. How can I test the network segmentation?
08-24-2015 11:56 AM
I will try to expand a little further.
Use a server or a laptop and place it into network 192.168.141.0/24. Give it an IP address in the same range.
Use a network/IP scanner and scan all ports on network 192.168.142.0/24. This will show you each IP address that is reachable and what ports they are reachable on.
If you find a good network/IP scanner, you can get it to alter the source address as well, so it will test all source addresses against all destination addresses, giving you a complete network-to-network permission list.
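The test described in this answer, as an added example that is not part of the original thread: a paced TCP connect check run from a host in 192.168.141.0/24 against 192.168.142.0/24, with the result compared to the flows the segmentation policy is meant to allow. The function names, the port list and the `ALLOWED` policy set are assumptions made for illustration.

```python
import ipaddress
import socket
import time


def tcp_open(host, port, timeout=0.5):
    """Return True if a full TCP handshake to host:port completes."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, filtered (timeout) or unreachable
        return False


def audit_segment(dest_cidr, ports, allowed, probe=tcp_open, delay=0.02):
    """Probe each host in dest_cidr on each port and diff against policy.

    allowed: set of (ip, port) flows the ACL/firewall is meant to permit.
    Returns (unexpected, missing): flows reachable but not in policy, and
    flows in policy that did not answer.
    """
    observed = set()
    for ip in ipaddress.ip_network(dest_cidr).hosts():
        for port in ports:
            if probe(str(ip), port):
                observed.add((str(ip), port))
            time.sleep(delay)  # pace probes so the test does not saturate the network
    return sorted(observed - allowed), sorted(allowed - observed)


if __name__ == "__main__":
    # Constructed policy: the only flow meant to cross from .141 into .142.
    ALLOWED = {("192.168.142.10", 443)}
    unexpected, missing = audit_segment("192.168.142.0/24", [22, 80, 443, 3389], ALLOWED)
    for ip, port in unexpected:
        print(f"SEGMENTATION GAP  {ip}:{port} reachable but not in policy")
    for ip, port in missing:
        print(f"NOT REACHABLE     {ip}:{port} permitted by policy but no answer")
```

Every entry in `unexpected` is a flow the ACLs between the two networks let through without the policy asking for it; repeat the run from each source segment to build the network-to-network permission list.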
08-25-2015 01:37 AM
Thanks for the clarification. Could you please give us the name of the network/IP scanner?