Logo free mcse ccna rhce linux java learning free mcse ccna rhce linux java learning
          Sharefacebook twitter google+ google bookmark yahoo bookmark delicious digg linkedin pinterest reddit stumbleupon evernote diigo blinklist blogmarks livejournal email feed


Best Security practices to protect layer 2

External Resources

• Hardcode access ports as "switchport mode access" and trunk ports as "switchport mode trunk".

• Administratively shutdown all the unused switch interfaces, using "shutdown" interface command. Never enable a switchport which is not in use.

• Assign unused interfaces to a VLAN which is not in use.

• Disable DTP on every trunk using "switchport nonegotiate" command.

• Use any VLAN which is not used for user traffic or management traffic as the native VLAN for all trunk links.

• Do not use VLAN 1 anywhere, because it is a default VLAN and default native VLAN.

• Use port security feature to protect the switch from CAM Table Overflow attacks.

• Use BPDU guard and Root guard features to protect Spanning Tree topology.

• Turn on Cisco Discovery Protocol (CDP) only on interfaces facing trusted devices.


              Jajish Thomason Google+
Related Topics
comments powered by Disqus

eXTReMe Tracker