Cisco Catalyst switches are the leader in the switching market and major players in today's networks.
The data-link layer (Layer 2 of the OSI model) provides the functional and procedural means to transfer data
between network entities with interoperability and interconnectivity to other layers, but from a security
perspective, the data-link layer presents its own challenges. Network security is only as strong as the weakest
link, and Layer 2 is no exception. Applying first-class security measures to the upper layers (Layers 3 and
higher) does not benefit your network if Layer 2 is compromised. Cisco switches offer a wide range of security
features at Layer 2 to protect the network traffic flow and the devices themselves.
Understanding and preparing for network threats is important, and hardening Layer 2 is becoming imperative.
Cisco is continuously raising the bar for security, and security feature availability at Layer 2 is no exception. The
sections that follow highlight the Layer 2 security features available on Cisco Catalyst switches.
Note
The configuration examples shown in this chapter are based on Cisco IOS Software syntax only (also
known as native mode). Catalyst Operating System (CatOS) software-based examples are not covered.