L2

A collection of 4 posts

Sep 30, 2012

Port Security

Port security allows you to control the number of MAC addresses that can be learned on a single switch port. It is enabled on a per interface basis. It can protect against malicious

Sep 30, 2012

BPDU Guard

When BPDU Guard is enabled and a switch port receives a BPDU it stops forwarding and disables itself. It is common to enable this on a access port, usually in addition to portfast.

Sep 30, 2012

Common L2 threats (and how to mitigate)

The best practices for securing switches; Select an unused VLAN (other than VLAN1) and use for the native VLAN on all trunks Avoid using VLAN1 anywhere because it is the default Admin configure

Dec 21, 2010

Root guard

Root Guard is a mechanism that allows the administrator to control where candidate root bridges can be connected to the network, it will basically prevent the wrong switch (say a random one just