Port-Security, DHCP-Snooping, Arp-Inspection,DHCP and Manegment Devices

This chapter involves part of the security issues which should be implemented on the switches. It is important to prevent your networks from some attacks. To achieve this, we need to get a set of prevention on the switches. I tried to configure some of them on the topology. You can examine how to configure devices with port-security, DHCP-snooping, arp-inspection. You can also see how to configure DHCP on the network devices or the external DHCP server.

I will not share with you all devices configuration because all switches and routers configurations have a nearly similar configuration.

SW7

At the SW7 port security, you can see DHCP-snooping and Arp-inspection configuration. Besides that, I implemented some limited access-list to connect to SW7 with ssh connection. According to this configuration, only a management user who is a Laptop0 can connect to SW7 with SSH protocol to manage the SW7.

At the R9, you can verify the DHCP Server configuration on the network devices.

External_DHCP

The screen outputs below consist of some outputs of show command and limited access which is mentioned at the SW7 part of the article.