5.8. Summary

Most network administrators give very little thought to the switches in a network. As long as they are forwarding traffic properly, they are generally ignored. As you have seen from this chapter, a switch can be a very powerful tool for securing a network. It can also be a very powerful tool for an attacker.

Because a switch represents an access point into the network, it is important to make it as difficult as possible for an attacker to gain network access through a switch. Of course, these access restrictions have to be balanced against the need legitimate users have to access the network.

Methods for securing a switched network include mapping MAC addresses to a switch port, disabling unused ports, and, where applicable, creating static ...
