Chapter 7. Switch Security Features

Traditional security focuses on the network perimeter, using devices such as firewalls, and on mitigating Layer 3 attacks. However, networks must be protected against Layer 2 attacks, too. These are typically launched from inside the network, by either a rogue device or a legitimate device that has been compromised. Rogue devices might be placed maliciously or connected innocently by a well-intentioned employee. For instance, someone wanting more connections might add an access switch or wireless access point to a port in their office. The switch might then become the Spanning Tree root bridge and disrupt user traffic.

The following are four common types of attacks against a switched network:

MAC address-based attacks: ...
