Note
The configuration examples shown in this chapter are based on Cisco IOS Software syntax only (also
known as native mode). Catalyst Operating System (CatOS) software-based examples are not covered.
Chapter 4. Security Features on Switches
This chapter describes Layer 2 security basics and security features on switches available to combat network
security threats. These threats result from weaknesses in Layer 2 of the OSI model, the data-link layer.
Switches act as arbiters to forward and control all the data flowing across the network. The current trend is for
network security to be solidified through the support of switch security features that build feature-rich, high-performance,
and optimized networks. The chapter examines the integrated security features available on Cisco
Catalyst switches to mitigate threats that result from the weaknesses in Layer 2 of the OSI model. The chapter
also provides guidelines and recommendations intended to help you understand and configure the Layer 2
security features available on Cisco switches to build robust networks.
A summary of Layer 2 best practices is provided toward the end of the chapter.
Securing Layer 2
With the rapid growth of IP networks in recent years, high-end switching has played one of the most
fundamental and essential roles in moving data reliably, efficiently, and securely across networks.