Switch Hardening: Finalizing the Security Configuration

Port security helps secure the network by preventing unknown devices from forwarding packets. MAC address filtering limits the number of MAC addresses in a single switch port and logs any blocked access attempts. It also has the option of shutting the port down and sending an alert to the administrator.

An additional switch plane is security; the blanket that lays overall. It includes VLAN security, VPN (Virtual Private Networks) that encrypt and tunnel traffic, firewalls that block illegal access to the network and IDS/IPS (Intrusion Detection/Prevention Systems) that detect or prevent negative data/user behavior comparing it to known signatures.

To conclude, a secure switch implementation comes down to the data and network hardening using:
- Stateful Firewall
- Secure Remote Access
- Network Management System
- Site to Site VPN
- Deep Packet Inspection
- Next Generation Firewall
- Intrusion Detection

Narrated by iS5 Communications' Field Application Engineer Dominic Iadonisi.
Be the first to comment