<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML xmlns="http://www.w3.org/TR/REC-html40" xmlns:o =
"urn:schemas-microsoft-com:office:office" xmlns:w =
"urn:schemas-microsoft-com:office:word"><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2900.3268" name=GENERATOR>
<STYLE>@page Section1 {size: 8.5in 11.0in; margin: 1.0in 1.25in 1.0in 1.25in; }
P.MsoNormal {
        FONT-SIZE: 12pt; MARGIN: 0in 0in 0pt; FONT-FAMILY: "Times New Roman"
}
LI.MsoNormal {
        FONT-SIZE: 12pt; MARGIN: 0in 0in 0pt; FONT-FAMILY: "Times New Roman"
}
DIV.MsoNormal {
        FONT-SIZE: 12pt; MARGIN: 0in 0in 0pt; FONT-FAMILY: "Times New Roman"
}
A:link {
        COLOR: blue; TEXT-DECORATION: underline
}
SPAN.MsoHyperlink {
        COLOR: blue; TEXT-DECORATION: underline
}
A:visited {
        COLOR: purple; TEXT-DECORATION: underline
}
SPAN.MsoHyperlinkFollowed {
        COLOR: purple; TEXT-DECORATION: underline
}
SPAN.EmailStyle17 {
        FONT-WEIGHT: normal; COLOR: windowtext; FONT-STYLE: normal; FONT-FAMILY: "Times New Roman"; TEXT-DECORATION: none; mso-style-type: personal-compose
}
DIV.Section1 {
        page: Section1
}
</STYLE>
</HEAD>
<BODY lang=EN-US vLink=purple link=blue bgColor=#ffffff>
<DIV><FONT face=Arial size=2>There are some new features coming out which help
(help, not eliminate) security concerns like this. I got this from an online
webinar and have not tested this, but apparrently with the latest IOS you can
check for CDP, inline power and full duplex all being present before you will
allow a device on the voice VLAN.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2><A
href="http://cisco.com/en/US/docs/switches/lan/catalyst3750e_3560e/software/release/12.2_40_se/configuration/guide/swvoip.html#wp1030836">http://cisco.com/en/US/docs/switches/lan/catalyst3750e_3560e/software/release/12.2_40_se/configuration/guide/swvoip.html#wp1030836</A></FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV> </DIV>
<DIV>Lelio<BR>--------------------------------------------------------------------------------<BR>Lelio
Fulgenzi, B.A.<BR>Senior Analyst (CCS) * University of Guelph * Guelph, Ontario
N1G 2W1<BR>(519) 824-4120 x56354 (519) 767-1060 FAX
(JNHN)<BR>^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
<BR>"Buffalo buffalo Buffalo buffalo buffalo buffalo Buffalo
buffalo." WJR<BR></DIV>
<BLOCKQUOTE
style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV style="FONT: 10pt arial">----- Original Message ----- </DIV>
<DIV
style="BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: black"><B>From:</B>
<A title=RHoltz@cmsstl.com href="mailto:RHoltz@cmsstl.com">Robert Holtz</A>
</DIV>
<DIV style="FONT: 10pt arial"><B>To:</B> <A title=cisco-voip@puck.nether.net
href="mailto:'cisco-voip@puck.nether.net'">'cisco-voip@puck.nether.net'</A>
</DIV>
<DIV style="FONT: 10pt arial"><B>Sent:</B> Tuesday, March 04, 2008 11:28
AM</DIV>
<DIV style="FONT: 10pt arial"><B>Subject:</B> [cisco-voip] Some Noob questions
about a new VoIP deployment</DIV>
<DIV><BR></DIV>
<DIV class=Section1>
<P class=MsoNormal><FONT face="Times New Roman" size=3><SPAN
style="FONT-SIZE: 12pt">We are in the process of rolling out a Cisco VoIP
network and there have been quite a few concerns expressed in regards to
security.<o:p></o:p></SPAN></FONT></P>
<P class=MsoNormal><FONT face="Times New Roman" size=3><SPAN
style="FONT-SIZE: 12pt"><o:p> </o:p></SPAN></FONT></P>
<P class=MsoNormal><FONT face="Times New Roman" size=3><SPAN
style="FONT-SIZE: 12pt">We’re using VACL’s on our code 6509 switches to stop
IP data VLAN ranges from entering the VoIP VLAN but it would appear that the
program named “VoIP Hopper” would allow us to bypass and VACL. I have
yet to use VoIP Hopper but will attempt it some time soon. Has anyone
used this product to jump through a VACL?<o:p></o:p></SPAN></FONT></P>
<P class=MsoNormal><FONT face="Times New Roman" size=3><SPAN
style="FONT-SIZE: 12pt"><o:p> </o:p></SPAN></FONT></P>
<P class=MsoNormal><FONT face="Times New Roman" size=3><SPAN
style="FONT-SIZE: 12pt">Our next concern is QoS and what are some good open
source tools to generate traffic to trigger the QoS queuing mechanisms.
All of our gear is gigabit Ethernet so I’m thinking that I won’t be able to
generate the level of traffic I need without multiple machines.
Promising tools so far look like “BitTwist” and “D-ITG”. Does anyone
have any recommendations for these types of
tools?<o:p></o:p></SPAN></FONT></P>
<P class=MsoNormal><FONT face="Times New Roman" size=3><SPAN
style="FONT-SIZE: 12pt"><o:p> </o:p></SPAN></FONT></P>
<P class=MsoNormal><FONT face="Times New Roman" size=3><SPAN
style="FONT-SIZE: 12pt">Thanks,<o:p></o:p></SPAN></FONT></P>
<P class=MsoNormal><FONT face="Times New Roman" size=3><SPAN
style="FONT-SIZE: 12pt">-R-<o:p></o:p></SPAN></FONT></P></DIV>
<P>
<HR>
<P></P>_______________________________________________<BR>cisco-voip mailing
list<BR>cisco-voip@puck.nether.net<BR>https://puck.nether.net/mailman/listinfo/cisco-voip<BR></BLOCKQUOTE></BODY></HTML>