Difference between revisions of "Netband Project - Dynamic Arp Inspection"
From Teknologisk videncenter
| Line 2: | Line 2: | ||
This page is part of the [[Netband_Project|Netband Project]] | This page is part of the [[Netband_Project|Netband Project]] | ||
| − | *Dynamic ARP inspection is a security feature that validates ARP packets in a network. It intercepts, logs, and discards ARP packets with invalid IP-to-MAC address bindings. This capability protects the network from certain man-in-the-middle attacks. | + | *Dynamic ARP inspection is a security feature that validates ARP packets in a network. It intercepts, logs, and discards ARP packets with invalid IP-to-MAC address bindings using the [[Netband Project - DHCP Snooping | DHCP snooping table]]. This capability protects the network from certain man-in-the-middle attacks. |
*Dynamic ARP inspection is supported on access ports, trunk ports, EtherChannel ports, and private VLAN ports. | *Dynamic ARP inspection is supported on access ports, trunk ports, EtherChannel ports, and private VLAN ports. | ||
| + | |||
| + | |||
| + | <pre> | ||
| + | |||
| + | |||
| + | </pre> | ||
Revision as of 14:24, 14 April 2009
<accesscontrol>NetBand</accesscontrol> This page is part of the Netband Project
- Dynamic ARP inspection is a security feature that validates ARP packets in a network. It intercepts, logs, and discards ARP packets with invalid IP-to-MAC address bindings using the DHCP snooping table. This capability protects the network from certain man-in-the-middle attacks.
- Dynamic ARP inspection is supported on access ports, trunk ports, EtherChannel ports, and private VLAN ports.