Chapter 11: It’s a Network Introduction to Networking Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 1 NOTICE Date Thursday 16th January 2014 Lab 405 in 2PM. Note: This is a closed book multiple choice exam covering all 7 chapters. Normal DIT exam regulations apply. Also no calculators allowed. I will do a tutorial from 3:30PM to 5:30PM on Tuesday14th January 2014 in Rm 407 (Lecture Theatre). Presentation_ID © 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 2 1 Devices in a Small Network Device Selection for a Small Network Factors to be considered when selecting intermediate devices (Routers, Switches) Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 3 Devices in a Small Network Device Selection for a Small Network Cost Determined by its capacity and features. Includes the number /type/ speed of ports. Other factors network management capabilities, embedded security technologies, and optional advanced switching technologies. The expense of cable runs required to connect every device on the network must also be considered. Another key element affecting cost consideration is how much redundancy to incorporate into the network – this includes devices, ports per device, and copper or fiber-optic cabling. Speed and Types of Ports/Interfaces Choosing the number and type of ports on a router or switch is a critical decision. Copper/Fibre 10/100/100 Mbps Expandability Networking devices come in both fixed and modular physical configurations. Fixed - specific number and type of ports or interfaces. Modular devices have expansion slots that provide the flexibility to add new modules as requirements evolve. Operating System Features and Services Depending on the version of the operating system, a network device can support certain features and services, such as: Security, QoS, VoIP, Layer 3 switching, NAT, DHCP Presentation_ID © 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 4 2 Devices in a Small Network Addressing for a Small Network IP addressing scheme should be planned, documented and maintained based on the type of devices receiving the address. Examples of devices that will be part of the IP design: End devices for users Servers and peripherals Hosts that are accessible from the Internet Intermediary devices Planned IP schemes help the administrator: Track devices and troubleshoot Control access to resources Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 5 Devices in a Small Network Redundancy in a Small Network Redundancy helps to eliminate single points of failure. Improves the reliability of the network. Presentation_ID © 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 6 3 Devices in a Small Network Design Considerations for a Small Network The following should be included in the network design: Secure file and mail servers in a centralized location. Protect the location by physical and logical security measures. Create redundancy in the server farm. Configure redundant paths to the servers. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 7 Protocols in a Small Network Real-Time Applications for a Small Network Infrastructure - needs to be evaluated to ensure it will support proposed real time applications. VoIP is implemented in organizations that still use traditional telephones IP telephony - the IP phone itself performs voice-to-IP conversion Real-time Video Protocols - Use Time Transport Protocol (RTP) and Real-Time Transport Control Protocol (RTCP) Presentation_ID © 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 8 4 Growing to Larger Networks Scaling a Small Network Important considerations when growing to a larger network: Documentation – physical and logical topology Device inventory – list of devices that use or comprise the network Budget – itemized IT budget, including fiscal year equipment purchasing budget Traffic Analysis – protocols, applications, and services and their respective traffic requirements should be documented Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 9 Growing to Larger Networks Evolving Protocol Requirements Network administrators can obtain IT “snapshots” of employee application utilization. Snapshots track network utilization and traffic flow requirements. Snapshots help identify any network modifications needed. These snapshots typically include information such as OS version, Network & Non-Network Applications, and CPU, Drive & RAM utilization. Presentation_ID © 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 10 5 Growing to Larger Networks Protocol Analysis of a Small Network Information gathered by protocol analysis can be used to make decisions on how to manage traffic more efficiently. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 11 Protocols in a Small Network Common Protocols in a Small Network Network protocols support applications and services. • Common network protocols include DNS, Telnet, IMAP, SMTP, POP, DHCP, HTTP, and FTP. Network protocols define: • Processes on either end of a communication session. • Types of messages. • Syntax of the messages. • Meaning of informational fields. • How messages are sent and the expected response. • Interaction with the next lower layer. Secure versions of some of these protocols are HTTPS, SFTP, and SSH. Presentation_ID © 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 12 6 Protocols in a Small Network Real-Time Applications for a Small Network Infrastructure - needs to be evaluated to ensure it will support proposed real time applications. VoIP is implemented in organizations that still use traditional telephones. VoIP uses voice-enabled routers that convert analog voice from traditional telephone signals into IP packets. IP telephony - the IP phone itself performs the voice-to-IP conversion. Voice-enabled routers are not required. IP phones use a dedicated server for call control and signalling. Real-time Video Protocols - Use Real-Time Transport Protocol (RTP) and Real-Time Transport Control Protocol (RTCP) support applications that require delay-sensitive delivery. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 13 Cisco Confidential 14 Network Device Security Measures Threats to Network Security Categories of Threats to Network Security Presentation_ID © 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr © 2008 Cisco Systems, Inc. All rights reserved. 7 Network Device Security Measures Physical Security Four classes of physical threats are: Hardware threats - physical damage to servers, routers, switches, cabling plant, and workstations. Environmental threats - temperature extremes (too hot or too cold) or humidity extremes (too wet or too dry) Electrical threats - voltage spikes, insufficient supply voltage (brownouts), unconditioned power (noise), and total power loss Maintenance threats - poor handling of key electrical components (electrostatic discharge), lack of critical spare parts, poor cabling, and poor labeling Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 15 Network Device Security Measures Types of Security Vulnerabilities Technological weaknesses (TCP/IP weakness – HTTP, FTP & ICMP are inherently insecure). Configuration weaknesses (unsecured user accounts, easily guessed passwords, unsecured default settings). Security policy weaknesses (lack of a written policy makes enforcement difficult, lack of a disaster recovery plan to deal with attacks, unauthorized software and hardware changes creating security holes). Presentation_ID © 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 16 8 Vulnerabilities and Network Attacks Viruses, Worms and Trojan Horses A virus - malicious software that is attached to another program to execute a particular unwanted function on a workstation. A Trojan horse - the entire application was written to look like something else, when in fact it is an attack tool. Worms - self-contained programs that attack a system and try to exploit a specific vulnerability in the target. The worm copies its program from the attacking host to the newly exploited system to begin the cycle again. • The key element that distinguishes a computer worm from a computer virus is that human interaction is required to facilitate the spread of a virus. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 17 Vulnerabilities and Network Attacks Reconnaissance Attacks Reconnaissance attacks - the unauthorized discovery and mapping of systems, services, or vulnerabilities. Attackers use Internet tools such as nslookup and whois to determine IP addresses, then ping to identify active addresses. To automate this step, they may use a ping sweep tool (fping or gping) which systematically pings all network addresses in a given range. Presentation_ID © 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 18 9 Vulnerabilities and Network Attacks Access Attacks Access attacks - the unauthorized manipulation of data, system access, or user privileges. • Access attacks can be classified into four types: Password attack, Trust exploitation, Port Redirection, and Man-in-the-Middle attack. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 19 Vulnerabilities and Network Attacks Denial of Service Attacks (DoS) Denial of service - the disabling or corruption of networks, systems, or services so legitimate users are denied service. For example, a Ping of Death sends a malformed ping to a computer. A ping is normally 56 bytes but sending one larger than the IPv4 max size (65,535 bytes) could crash the target computer. NOTE: A packet of such a size normally can’t be sent, but if it is fragmented, when the target computer reassembles the packet a buffer overflow can occur, which often causes a system crash. Presentation_ID © 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 20 10 Mitigating Network Attacks Backup, Upgrade, Update, and Patch Keep current with the latest versions of antivirus software. Install updated security patches. Antivirus software can be deployed at the user level and at the network level. Could manage critical security patches with a central patch server that all must check in with after a set period of time, as shown in Fig. Any patches not applied to a host are automatically downloaded from the patch server and installed without user intervention. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 21 Mitigating Network Attacks Authentication, Authorization, and Accounting Authentication, Authorization, and Accounting (AAA, or “triple A”) provide the primary framework to set up access control on a network device, i.e., AAA is a way to control access. Authentication - Users and administrators must prove their identity. Authentication can be established using username and password combinations, challenge and response questions, token cards, and other methods. • RADIUS and TACACS+ are for external authentication of users. Authorization - which resources the user can access and which operations the user is allowed to perform. Accounting - records what the user accessed, the amount of time the resource is accessed, and any changes made. Presentation_ID © 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 22 11 Mitigating Network Attacks Firewalls A firewall resides between two or more networks. Firewall products come packaged in various forms, as shown in the Figure. They controls traffic and helps prevent unauthorized access. Methods used are: Packet Filtering - based on IP or MAC addresses. Application Filtering - Prevents or allows access by specific application types based on port numbers. URL Filtering - based on specific URLs or keywords. Stateful Packet Inspection (SPI) - Incoming packets must be legitimate responses to requests from internal hosts. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 23 Mitigating Network Attacks Endpoint Security Common endpoints are laptops, desktops, servers, smart phones, and tablets. Employees must follow the companies documented security policies to secure their devices. Policies often include the use of anti-virus software and host intrusion prevention. Presentation_ID © 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 24 12 Securing Devices Introduction to Securing Devices Part of network security is securing devices, including end devices and intermediate devices. Default usernames and passwords should be changed immediately. Access to system resources should be restricted to only the individuals that are authorized to use those resources. Any unnecessary services and applications should be turned off and uninstalled, when possible. Update with security patches as they become available. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 25 Securing Devices Passwords To protect network devices, it is important to use strong passwords. Standard guidelines to follow are: • Use a password length of at least 8 characters. • Use a mix of uppercase and lowercase letters, numbers, symbols, and spaces (if allowed). • Avoid passwords based on repetition, dictionary words, usernames, birthdates, or other easily identifiable pieces of information. • Deliberately misspell a password. For example, Smith = Smyth = 5mYth or Security = 5ecur1ty. • Change passwords often. • Do not write passwords down and leave them in obvious places such as on the desk or monitor. Presentation_ID © 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 26 13 Securing Devices Basic Security Practices Encrypt passwords - Global config command service password-encryption prevents unauthorized viewing of passwords in plaintext in the config file. Require minimum length passwords. Block brute force attacks – The command blocks login attempts for 120 seconds, if there are three failed login attempts within 60 seconds. Use Banner Message. Set EXEC timeout - This command will disconnect users after 10 minutes. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 27 Securing Devices Enable SSH The legacy protocol to manage devices remotely is Telnet, which is not secure as data is transmitted unencrypted. It is highly recommended to enable SSH on devices for secure remote access. Start by ensuring the router has a unique host name (R1). Then configure the IP domain name using the ip domainname domainname command. The 4 steps are shown in the figure. Presentation_ID © 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 28 14 Ping Interpreting ICMP Messages The ping command is used to verify the internal IP configuration on the local host. The ping command moves from Layer 3 of the OSI model to Layer 2 and then Layer 1. Ping uses the ICMP protocol to check for connectivity. IOS Ping Indicators: • ! - indicates receipt of an ICMP echo reply message. • . - indicates a time expired while waiting for an ICMP echo reply message. • U - an ICMP unreachable message was received. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 29 Ping Leveraging Extended Ping The Cisco IOS offers an "extended" mode of the ping command (Pressing Enter accepts the indicated default values): This example illustrates how to force the source address for a ping to be 10.1.1.1 (see R2 in the figure); the source address for a standard ping would be 209.165.200.226. Thus the administrator can verify remotely (from R2) that R1 has the route 10.1.1.0/24 in its routing table. R2# ping Protocol [ip]: Target IP address: 192.168.10.1 Repeat count [5]: Datagram size [100]: Timeout in seconds [2]: Extended commands [n]: y Source address or interface: 10.1.1.1 Type of service [0]: Presentation_ID © 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 30 15 Ping Network Baseline A baseline is a process for studying the network at regular intervals to ensure that it is working as designed. Measuring performance at varying times (see Figures on left below) and loads will assist in creating a better picture of overall network performance. Capturing ping command output can also be completed from the IOS prompt. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 31 Cisco Confidential 32 Tracert Interpreting tracert Messages A trace returns a list of hops as a packet is routed through a network. When performing a trace from a Windows computer use tracert, and from a router CLI use traceroute. Similar to ping, capturing the traceroute output can also be done from the router prompt. Presentation_ID © 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr © 2008 Cisco Systems, Inc. All rights reserved. 16 Show Commands Common show Commands Revisited The status of nearly every process or function of the router can be displayed using a show command. Frequently used show commands: show running-config show interfaces show arp show ip route show protocols show version Show ip int brief Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 33 Show Commands Viewing Router Settings with show version The configuration register tells the router how to boot. There are many possible settings for the configuration register. The most common ones are: 0x2102 - Factory default setting for Cisco routers (load the IOS image from flash and load the startup config file from NVRAM). 0x2142 - Router ignores the contents of Non-Volatile RAM (NVRAM). 0x2120 - Router boots into ROMmon mode. Presentation_ID © 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr Configuration register © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 34 17 Show Commands Viewing Switch Settings with show version The show version command on a switch displays information about the currently loaded software version, along with hardware and device information such as S/W ver, Bootstrap ver, system up-time, restart info (e.g., power cycle, crash), IOS filename, model number, memory type (shared/main), RAM, hardware interfaces, configuration register. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 35 Host and IOS Commands ipconfig Command Options ipconfig - displays ip address, subnet mask, default gateway. ipconfig /all – also displays MAC address. ipconfig /displaydns - displays all cached DNS entries in a Windows system. Presentation_ID © 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 36 18 Host and IOS Commands arp Command Options The arp command enables the creation, editing, and display of mappings of physical addresses to known IPv4 addresses. The arp command is executed from the Windows command prompt. The arp –a command lists all devices currently in the ARP cache of the host. The arp -d command clears the cache. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 37 Host and IOS Commands show cdp neighbors Command Options CDP is a Cisco-proprietary protocol that runs at the data link layer. On boot up, CDP starts up by default. Below, R3 has used cdp to gather detailed information about R2, and switch S3 connected to the FE interface on R3. Presentation_ID © 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 38 19 Host and IOS Commands Using show ip interface brief - Router Can be used to verify the status of all network interfaces on a router or a switch. The up in the Status column shows that this interface is operational at Layer 1. The up in the Protocol column indicates that the Layer 2 protocol is operational. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 39 Host and IOS Commands Using show ip interface brief - Switch An IP address is only necessary if the switch will be managed over the network using Telnet or SSH. If the network administrator plans to remotely connect to the switch from a location outside of the local LAN, then a default gateway must also be configured. Presentation_ID © 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 40 20 Router and Switch File Systems Router File Systems show file systems command - lists all of the available file systems on a Cisco 1941 route. * Asterisk indicates this is the current default file system. The pound or hash symbol (#) appended to the flash listing indicates that it is a bootable disk. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 41 Backup and Restore Configuration Files Backup and Restore using Text Files Configuration files can be saved/archived to a text file using Tera Term, or HyperTerminal. A configuration can also be copied from a file to a device. When copied from a text file and pasted into a terminal window, the IOS executes each line of the configuration text as a command. The file will require editing to ensure that encrypted passwords are in plaintext and that non-command text such as "--More--" and IOS messages are removed. Presentation_ID © 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 42 21 Backup and Restore Configuration Files Backup and Restore using TFTP Configuration files can be stored on a Trivial File Transfer Protocol (TFTP) server. copy running-config tftp – save the running configuration to a tftp server. NOTE: Download a free TFTP server from: www.solarwinds.com copy startup-config tftp - save startup configuration to a tftp server. To restore the running configuration: Enter the copy tftp running-config command. Enter the IP address of the host where the configuration file is stored. Enter the name to assign to the configuration file. Press Enter to confirm each choice. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 43 Backup and Restore Configuration Files Using USB Interfaces on a Cisco Router USB flash feature provides an optional secondary storage capability and an additional boot device. USB flash drive must be formatted in a FAT16 format. Can hold multiple copies of the Cisco IOS and multiple router configurations. Allows administrator to easily move configurations from router to router. Router USB ports are usually USB 2.0. Presentation_ID © 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 44 22 Backup and Restore Configuration Files Backup and Restore Using USB Issue the show file systems command to verify that the USB drive is there, and confirm the name. Use the copy run usbflash0:/ command to copy the configuration file to the USB flash drive. • The slash is optional but indicates the root directory of the USB flash drive. Use the dir command to see the file on the USB drive and use the more command to see the contents. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 45 Integrated Router Multi-function Device Home networks are being used to provide connectivity and Internet sharing among multiple PC systems, etc. Many home and small business networks utilize the services of a multi-function device. Incorporates a switch, router, and wireless access point (AP), and also a DHCP service, a firewall. Provides routing, switching and wireless connectivity. Linksys wireless routers are simple in design and used in home networks. Cisco Integrated Services Router (ISR) product family offers a wide range of products, designed for small office to larger networks. Presentation_ID © 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 46 23 Integrated Router Multi-function Device An example of this type of integrated router is a Linksys wireless router. It does not typically have separate components, making it cheaper. Ethernet ports – connected to the internal switch portion, with an internal connection to the router (Internet) port. Internet port – A single port connected to the router portion of the multifunction device. This is used to connect the device to another network such as the Internet (e.g phone line for broadband). The router portion of a multifunction device maintains routing tables. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 47 Cisco Confidential 48 Integrated Router Wireless Capability Wireless Mode – Most integrated wireless routers support 802.11b, 802.11g and 802.11n, which are compatible. (802.11a is another standard). Service Set Identifier (SSID) – Case-sensitive, alpha-numeric name for your home wireless network. Wireless Channel – RF spectrum divided up into channels. Presentation_ID © 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr © 2008 Cisco Systems, Inc. All rights reserved. 24 Integrated Router Basic Security of Wireless 1. Change default values for SSID, usernames, and passwords. 2. Disable SSID broadcasting. 3. Configure Encryption using WEP or WPA. Wired Equivalency Protocol (WEP) - uses pre-configured keys to encrypt and decrypt data. Every wireless device allowed to access the network must have the same WEP key entered. There are applications readily available on the Internet to discover the WEP key. **** Rubbish **** Wi-Fi Protected Access (WPA) – also uses encryption keys from 64 bits up to 256 bits. New keys are generated each time a connection is established with the AP. Therefore more secure. ******* Much more Secure **** Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 49 Integrated Router Configuring the Integrated Router The Linksys device acts as both a DHCP server and a miniwebserver that supports a web-based configuration GUI. Initially access the router by cabling a computer to one of the router’s LAN Ethernet ports. The connecting device will automatically obtain IP addressing information from Integrated Router, and this IP address can be used by a web browser to access the configuration GUI. Change default username and password and the default Linksys IP address for security purposes, before the AP is connected to a live network. Presentation_ID © 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 50 25 Integrated Router Enabling Wireless 1. Configure the wireless mode (Network Mode: 802.11a,/b/g/n). 2. Configure the SSID (Network Name) – the SSID is broadcast by default. 3. Configure RF channel (Radio Band). 4. Configure any desired security encryption. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 51 Integrated Router Configure a Wireless Client The wireless client configuration settings must match that of the wireless router. This includes: 1. SSID 2. Security Settings 3. Channel information (if manually set) Wireless client software can be integrated into the device operating system or stand alone, downloadable, wireless utility software. Open the wireless link information screen to display information such as: the connection data rate, connection status, and wireless channel used, as shown in the figure. Presentation_ID © 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 52 26 Presentation_ID © 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 53 27