From the course: Cisco Network Security: Secure Routing and Switching
Join today to access over 23,400 courses taught by industry experts.
Implement port security
From the course: Cisco Network Security: Secure Routing and Switching
Implement port security
- [Instructor] On a switch, there are two types of ports, access or trunk. An access port carries traffic of a single VLAN from a host to the switch. Trunk ports are for switch-to-switch communication that carry information for various VLANs using VLAN tagging. The default mode is switchport mode dynamic desirable. This mode can pose a security risk as it can fall victim to a VLAN hopping attack where a user spoofs a switch by making an end device act as a trunk port. The best practice is to make sure all user ports are in access mode and any ports not in use are disabled. To set a switch port to access mode, use the following configuration command switchport mode access. Also follow up with a command to prevent any attempts at the port to go into trunk mode and that would be switchport nonegotiate. I'd also follow up with a shutdown command and now you'll see that the administrative mode is static access. On a switch, the network administrator should also use switchport port…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.