Chapter 3: Network Foundation Protection and Cisco Configuration Professional
Layer 2 Data Plane Protection Data plane protection mechanisms depend on feature availability for specific devices. In a switching infrastructure, these Cisco Catalyst integrated security capabilities provide data plane security on the Cisco Catalyst switches using integrated tools: • Port security prevents MAC flooding attacks. • DHCP snooping prevents client attacks on the DHCP server and switch. • Dynamic ARP Inspection (DAI) adds security to ARP by using the DHCP snooping table to minimize the impact of ARP poisoning and spoofing attacks. • IP Source Guard prevents IP spoofing addresses by using the DHCP snooping table.
Các file đính kèm theo tài liệu này:
- chapter_3_network_foundation_protection_and_cisco_configuration_professional_8491.pptx