Securing the Switch
This course will describe some of the most severe switch security risks and discuss the mechanisms to help mitigate attacks through the well-known vectors.
What you'll learn
Switches are fantastic devices, allowing you to create VLANs, trunks, as well as offer fast and somewhat private communication. In this course, Securing the Switch, you will explore the basic nature of switch operation, as well as the advent of trunk links, VLAN tags, and some backwards compatibility features. First, you will start off by learning about frame double-tagging. Next, you will move onto the native VLAN security issues and DTP. Finally, you will wrap up the course with a demonstration of creating a secure base configuration for a switch. By the end of this course, you will know how to put a secure base configuration on a switch, mitigating many layer 2 attacks against Ethernet.
Table of contents
- Introduction 0m
- The Flooding Attack 5m
- What Is Switchport Port Security? 9m
- What Does a Switch Do When It Gets a Bad Frame? 6m
- Demo: Setting up the Initial Port Security 13m
- Demo: Examining What Happens When There Are Port Security Violations 8m
- Demo: How Switches Deal with Violations - Restrict 3m
- Demo: How Switches Deal with Violations - Protect 3m
- Demo: Configuring Allowed MAC Addresses on Ports - Static 6m
- Demo: Configuring Allowed MAC Addresses on Ports - Sticky 5m
- Summary 1m
About the author
Ross has had a diverse career. He has a Structural Engineering degree from Milwaukee School of Engineering, but gave up the career shortly after graduating from college. Beginning in 1997, Ross began officially working in IT, implementing and supporting a paperless work order system for a Natural Gas Utility in Illinois. Since then, Ross has spent his years teaching and managing data networks. Ross spent 7 years at University of Wisconsin Hospitals and Clinics, supporting and managing the large ... more