Summary
This chapter presents a basic overview of Layer 2 security. It gives configuration examples and
brings together the integrated security features available on Cisco switches, such as port-level controls, port
blocking, port security, Private VLAN (PVLAN), and many more. The chapter discusses the various configurable
ACLs that can be used on the switches, including the wire-speed ACLs. It takes a quick look at the
Spanning Tree Protocol features and the safeguard mechanisms available to prevent STP attacks. Cisco switches
offer unique features to mitigate common attacks on services such as DHCP and DNS, and ARP-cache poisoning
attacks. The chapter briefly outlines some platform-specific integrated security features available on the high-end
switch platforms. The chapter concludes with a summary of Layer 2 security best practices to implement,
manage, and maintain a secure Layer 2 network.