Difference between revisions of "Netband Project - Dynamic Arp Inspection"

From Teknologisk videncenter
Jump to: navigation, search
Line 2: Line 2:
 
This page is part of the [[Netband_Project|Netband Project]]
 
This page is part of the [[Netband_Project|Netband Project]]
  
*Dynamic ARP inspection is a security feature that validates ARP packets in a network. It intercepts, logs, and discards ARP packets with invalid IP-to-MAC address bindings. This capability protects the network from certain man-in-the-middle attacks.
+
*Dynamic ARP inspection is a security feature that validates ARP packets in a network. It intercepts, logs, and discards ARP packets with invalid IP-to-MAC address bindings using the [[Netband Project - DHCP Snooping | DHCP snooping table]]. This capability protects the network from certain man-in-the-middle attacks.
 
*Dynamic ARP inspection is supported on access ports, trunk ports, EtherChannel ports, and private VLAN ports.
 
*Dynamic ARP inspection is supported on access ports, trunk ports, EtherChannel ports, and private VLAN ports.
 +
 +
 +
<pre>
 +
 +
 +
</pre>

Revision as of 13:24, 14 April 2009

<accesscontrol>NetBand</accesscontrol> This page is part of the Netband Project

  • Dynamic ARP inspection is a security feature that validates ARP packets in a network. It intercepts, logs, and discards ARP packets with invalid IP-to-MAC address bindings using the DHCP snooping table. This capability protects the network from certain man-in-the-middle attacks.
  • Dynamic ARP inspection is supported on access ports, trunk ports, EtherChannel ports, and private VLAN ports.