5.5. MAC Addressing
To this point we have primarily discussed availability within the switched portion of the network. While availability is an important part of network security, protection against unauthorized intrusion is equally important. A properly configured switch can assist in this type of protection as well. If an administrator can prevent an attacker from plugging directly into network, it will be that much more secure.
Most networks have several unused ports on their switches. These ports are potential security holes, as anyone can plug into an unused network jack and have access to your network. One solution is to disable all unused ports, and then enable/disable them as needed. This solution is problematic for two reasons:
It takes ...
Get The Practice of Network Security: Deployment Strategies for Production Environments now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
