Please enable JavaScript.
Coggle requires JavaScript to display documents.
LAN Security Concepts - Coggle Diagram
LAN Security Concepts
Common Layer 2 Attacks & Mitigations
ARP Attacks
Address Spoofing
DHCP Attacks
VLAN Double Tagging
STP Attacks
VLAN Hopping
CDP Reconnaissance
MAC Flooding
Endpoint Security
Traditional Protections
Host-based firewalls
HIPS
Antivirus
Enhanced Protections
AMP (Advanced Malware Protection)
ESA (Email Security Appliance)
NAC (Network Access Control)
WSA (Web Security Appliance)
URL Filtering
Malware Scanning
URL Blacklisting
Web Application Filtering
SSL Decryption/Encryption
Threats:
DDos
Data breaches
Malware
AAA
Authorization
What actions are permitted
Accounting
Logs of user activities
Authentication
Who can access
Layer 2 Security
Importance
If compromised, upper layers are also affected
Layer 2 Mitigations
DHCP Snooping
DAI (Dynamic ARP Inspection)
Port Security
IPSG (IP Source Guard)