{"product_id":"9780134433608","title":"LAN Switch Security: What Hackers Know About Your Switches","description":"\u003cp\u003eContrary to popular belief, Ethernet switches are not inherently secure. Security vulnerabilities in Ethernet switches are multiple: from the switch implementation, to control plane protocols (Spanning Tree Protocol [STP], Cisco® Discovery Protocol [CDP], and so on) and data plane protocols, such as Address Routing Protocol (ARP) or Dynamic Host Configuration Protocol (DHCP). LAN Switch Security explains all the vulnerabilities in a network infrastructure related to Ethernet switches. Further, this book shows you how to configure a switch to prevent or to mitigate attacks based on those vulnerabilities. This book also includes a section on how to use an Ethernet switch to increase the security of a network and prevent future attacks.\u003c\/p\u003e \u003cp\u003e \u003c\/p\u003e \u003cp\u003eDivided into four parts, LAN Switch Security provides you with steps you can take to ensure the integrity of both voice and data traffic traveling over Layer 2 devices. Part I covers vulnerabilities in Layer 2 protocols and how to configure switches to prevent attacks against those vulnerabilities. Part II addresses denial-of-service (DoS) attacks on an Ethernet switch and shows how those attacks can be mitigated. Part III shows how a switch can actually augment the security of a network through the utilization of wirespeed access control list (ACL) processing and IEEE 802.1x for user authentication and authorization. Part IV examines future developments from the LinkSec working group at the IEEE. For all parts, most of the content is vendor independent and is useful for all network architects deploying Ethernet switches.\u003c\/p\u003e \u003cp\u003e \u003c\/p\u003e \u003cp\u003eAfter reading this book, you will have an in-depth understanding of LAN security and be prepared to plug the security holes that exist in a great number of campus networks.\u003c\/p\u003e \u003cul\u003e \u003cli\u003eUse port security to protect against CAM attacks\u003c\/li\u003e \u003cli\u003ePrevent spanning-tree attacks\u003c\/li\u003e \u003cli\u003eIsolate VLANs with proper configuration techniques\u003c\/li\u003e \u003cli\u003eProtect against rogue DHCP servers\u003c\/li\u003e \u003cli\u003eBlock ARP snooping\u003c\/li\u003e \u003cli\u003ePrevent IPv6 neighbor discovery and router solicitation exploitation\u003c\/li\u003e \u003cli\u003eIdentify Power over Ethernet vulnerabilities\u003c\/li\u003e \u003cli\u003eMitigate risks from HSRP and VRPP\u003c\/li\u003e \u003cli\u003eStop information leaks with CDP, PaGP, VTP, CGMP and other Cisco ancillary protocols\u003c\/li\u003e \u003cli\u003eUnderstand and prevent DoS attacks against switches\u003c\/li\u003e \u003cli\u003eEnforce simple wirespeed security policies with ACLs\u003c\/li\u003e \u003cli\u003eImplement user authentication on a port base with IEEE 802.1x\u003c\/li\u003e \u003cli\u003eUse new IEEE protocols to encrypt all Ethernet frames at wirespeed.\u003c\/li\u003e \u003c\/ul\u003e \u003cp\u003eThis security book is part of the Cisco Press® Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks.\u003c\/p\u003e","brand":"Pearson Education","offers":[{"title":"Default Title","offer_id":47080542044400,"sku":"9780134433608","price":55.99,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0737\/7593\/9824\/files\/9780134433608_p0.jpg?v=1763641610","url":"https:\/\/shop-qa.barnesandnoble.com\/products\/9780134433608","provider":"Barnes \u0026 Noble (DEV)","version":"1.0","type":"link"}