14.3. Summary
Now you can see that security can be applied to every level of a network. I showed you many of the common Layer 2 attacks and what you can do to help prevent them. This chapter covered MAC attacks, VLAN attacks, and spoofing attacks. You learned to use some of the features built into switches to mitigate these attacks.
It also covered Port Security, which allows you to control what MAC addresses and how many can be on a switch port, as well as VLAN access lists (access-maps), private VLANs, DHCP snooping, DAI, and IP Source Guard.
You also learned that some of the simplest things can help keep your network secure, such as securing access to your switches, and making sure basic port and trunk configurations don't make it easy for ...
Get Cisco® Network Professional's: Advanced Internetworking Guide now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
