Difference between revisions of "Netband Project - IP Source Guard"

From Teknologisk videncenter
Jump to: navigation, search
Line 4: Line 4:
 
*IP source guard is a security feature that restricts IP traffic on nonrouted, Layer 2 interfaces by filtering traffic based on the DHCP snooping binding database and on manually configured IP source bindings. You can use IP source guard to prevent traffic attacks caused when a host tries to use the IP address of its neighbor.<br>
 
*IP source guard is a security feature that restricts IP traffic on nonrouted, Layer 2 interfaces by filtering traffic based on the DHCP snooping binding database and on manually configured IP source bindings. You can use IP source guard to prevent traffic attacks caused when a host tries to use the IP address of its neighbor.<br>
 
*IP source guard is supported only on Layer 2 ports, including access and trunk ports
 
*IP source guard is supported only on Layer 2 ports, including access and trunk ports
 +
* An ACL is applied to the interface, which allows only IP traffic with a source IP address in the IP source binding table and denies all other traffic.

Revision as of 10:44, 14 April 2009

<accesscontrol>NetBand</accesscontrol> This page is part of the Netband Project

  • IP source guard is a security feature that restricts IP traffic on nonrouted, Layer 2 interfaces by filtering traffic based on the DHCP snooping binding database and on manually configured IP source bindings. You can use IP source guard to prevent traffic attacks caused when a host tries to use the IP address of its neighbor.
  • IP source guard is supported only on Layer 2 ports, including access and trunk ports
  • An ACL is applied to the interface, which allows only IP traffic with a source IP address in the IP source binding table and denies all other traffic.