Buy or Renew
Buy or Renew
Join the Catalyst Center Onboarding Ask Me Anything event happening now!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1412
Views
0
Helpful
4
Replies

Good use of 3560G?

usmanfarooq08
Level 1
Level 1

‎01-04-2011 09:25 AM - edited ‎03-06-2019 02:49 PM

Hi All,

We purchased WS-C3560G-48TS-S few months back and after doing some minor configurations change it was up and running.

I feel like I can get some more use out of it for my organization. A little about my organization:

- The most users at one point can go up to 40 with mostly Mac OS X machines.

- About 5 departments. One of them is HR with Windows machines.

- We have a cisco 2600 as our gateway with NAT (its under ISP control and I can't configure as it is written in the contract between ISP and my organization)

- Main network services running in LAN are DHCP, AFP, DNS (hopefully soon), SMB, and CIFS. Very basic stuff.

What I would love is to create VLAN to break broadcast and multicast and implement some security. Also would love if I can get some kind of monitoring system up using Sniffer program with accurate results so I can detect bandwidth hogers in a an instant.

Tools at my disposal:

- 3560G

- CCNA Certification ^_^

- Windows server 2003

- Mac OS X server (10.5 and 10.6)

- A lot of patience and eager to be creative.

- No budget as we are a Non for Profit.

I would appreciate any advice/help/comments.

Thanks!

Labels:
0 Helpful
4 Replies 4

Todd Pula
Level 7
Level 7

‎01-04-2011 09:47 AM

You can definitely support interVLAN routing with your 3560 switch.  Please take a look at the doc below which provides a sample configuration.

http://www.cisco.com/en/US/customer/tech/tk389/tk815/technologies_configuration_example09186a008015f17a.shtml

Todd

0 Helpful

usmanfarooq08
Level 1
Level 1
In response to Todd Pula

‎01-05-2011 07:33 AM

Hi Todd,

Thank you for your quick reply. Unfortunately, I am unable to access that page as it requires a higher level of access then what I have.

I will try to take another shot at setting up interVLAN and have trunking between them.

Is their any security feature I can implement as to protect certain VLAN e.g. my servers. So that only certain packets can get thorough to the protected VLAN. I guess implementing an ACL?

I just need some general direction as I will figure out the actual working.

Thanks again for your time.

- Usman

0 Helpful

Todd Pula
Level 7
Level 7
In response to usmanfarooq08

‎01-05-2011 09:32 AM

It depends on what layer you are looking to secure.  An extended ACL can be configured to restrict traffic flows in and out of a VLAN interface.  Private VLANs and VLAN ACLs among others can be used to secure Layer 2.  Attached are a few pdfs for your reference.

Preview file
54 KB
0 Helpful

hobbe
Level 7
Level 7

‎01-05-2011 02:23 PM

You have no budget so buying stuff is out of the question. so lets go crazy and do some brainstorming.

You wanted to do some monitoring.

How about nagios, free software to monitor your environment (maybe more switches than this ?)

A good syslog server might be interesting ?

For security why not try a IDS sensor like snort ?

Why not add some small traps such as access-lists that allows but logs and the logs will tell you of intruders fx.

Some good stuff that might be interesting is TCL scripting.

The 3560G can do l3 so you can use that as a router, you can also set up VLANs and add access-lists to help you control the environment.

Get authorisation to do a proper sweep of your internet addresses.

and of corse why not a littlebit wireshark via span on the interface towards the router..

good luck

HTH

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card