Re: Switch Administration

garst.team · ‎09-12-2006

This is a general information request regarding a switches role in a LAN. I was wondering what role a company would play in supporting a switch. For instance, if you paid the manufacturer to monitor a switch, what information would they be privy to in terms of the information traversing the switch. Also, would such access grant them domain to other parts of the network, or would it only be restricted to that switch. I don't expect full explanations, but if anyone knows of any documentation, it would be most appreciated.

nhabib · ‎09-12-2006

Well it all depends on how much access you provide to the administrator.

If you allow a sniffer to be attached to the switch, then all traffic may be captured and viewed.

On the other hand, if you simply provide the Read-Only SNMP community string, then the administrator will simply be able to monitor statistics and nothing else.

gpulos · ‎09-13-2006

with cisco equipment in your environment, you will have FULL CONTROL over what an outsourced management service can access or see.

if you want a provider to only be able to view status, get alerts when problems arise and then inform you of the issues, then this is possible.

you will have the ability to limit the type of administration that can be performed on your cisco equipment.

cisco equipment IOS, the operating system, provides for the ability to have priviledge level administration which provides multiple levels of admin access to the equipment per user.

this, coupled with a good security/authentication scheme such as RADIUS, tacacs and/or other AAA, can provide a very stable, secure system which can be remotely managed without the worry of sensative company data being at risk.