14.2. LAN Security
Hey! This is The All-New Switch Book, why all the fuss about network security? "Blah blah blah" you say! Well folks, network security is very important at all levels of the network. Some people dismiss the need for securing the LAN, which is a huge mistake in our opinion. If your security policies are to be effective, then attention to some basic security options in your bridged environment is imperative. Remember, network security includes securing everything that makes up the LAN.
Dataflow through the bridged catenet can be further controlled by implementing policy filters and login banners. There are also some advanced practices that can be deployed to further strengthen the data integrity. Radius authentication, SecureShell, and SNMPv3 are examples of some of the advanced tools available that can further your security.
In this section, we cover some of the concerns that you should be aware of from a Layer 2 perspective, as well as some solutions.
14.2.1. Security Concerns at Layer 2
In Chapter 1, "Laying the Foundation," you reviewed information about the OSI reference model. Each layer performs functions independent of the other layers, and only interfacing the neighboring layers. The benefit of this is that there can be major changes within a layer, but because they are independent of the others, the changes really do not affect the functions of the other layers.
The layered approach of the OSI model also makes it dangerous if a layer becomes infected ...
Get The All-New Switch Book: The Complete Guide to LAN Switching Technology, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
