
NTP is set up as a hierarchy, and the levels/layers are called stratums.

The lower the number, the more accurate the time.


The top stratum layer is 0; those are GPS clocks or atomic clocks.
Cisco routers cannot serve as stratum 0 devices.
Cisco routers can take on one of three roles in our NTP network: server, client, or peer.
NTP uses UDP port 123.
By default, a Cisco router takes stratum 8 when NTP is synchronized; when unsynchronized, stratum 16.
0-Emergencies (Lot of trouble)
1-Alerts (Take care of this now)
2-Critical (Really Important)
3-Errors (Should know about this)
4-Warnings (You have to know about this)
5-Notifications (Look at this)
6-Information (Interesting)
7-Debugging (Stuff behind commands)
Root Guard is configured at the port level, and disqualifies any switch
downstream from that port from becoming the root OR secondary root.
The port is not disabled but placed into root-inconsistent state. When those
superior BPDUs stop coming in, the port will return to normal operation.
Authentication is the process of deciding if a given user should be allowed to
access the network or a network service in the first place.
time-range <Name-of-Time>
VPN
Virtual - Doesn't exist physically; it's a tunnel between two endpoints
Private - Open only to the two parties at the endpoints
Network - It's a network
VPNs are basically a point-to-point WAN.
A site-to-site VPN allows users at one company site to connect securely to another company site.
VPN good points are scalability, cost and security.
Authentication: ciphers and keys
Data Integrity: hashes
Confidentiality:
There are two major classes of encryption algorithms: asymmetric and symmetric.
Symmetric uses one single key for both encryption and decryption. In a VPN, this is only going to take place if both ends possess the key. Faster than asymmetric.
Symmetric algorithms include DES, 3DES, AES, RC4, Blowfish and IDEA.
Asymmetric uses one key to encrypt data and a separate key to decrypt the same data. One key is the public key and the other is the private key. Asymmetric algorithms include Diffie-Hellman, RSA and DSS.
RSA uses two keys, one public and the other private. Slow operation.
DES key size is only 56 bits.
IPSec, short for IP Security, allows us to authenticate and encrypt every IP packet in a particular data stream. Runs at layer 3. IPSec uses checksums and hashing algorithms such as MD5 and SHA1 to assure data integrity.
Authentication Header (AH) defines a method for authentication and securing data. AH doesn't provide data confidentiality.
Encapsulating Security Payload (ESP) defines a method for authenticating, securing and encrypting data. Provides data confidentiality.
Internet Key Exchange (IKE) negotiates the security parameters and authentication keys.

Configuring a site-to-site VPN is a five-step process:


Process initialization via interesting traffic
IKE Phase 1 (IKE SA Negotiation)
IKE Phase 2 (IPSec SA Negotiation)
Data Transfer
Tunnel Termination
