From the course: Cisco Network Security: Secure Routing and Switching
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
BPDU guard, root guard, and loop guard
From the course: Cisco Network Security: Secure Routing and Switching
BPDU guard, root guard, and loop guard
- [Female Narrator] Spanning Tree Protocol prevents switching loops. As soon as two or more switches connect, Spanning Tree begins an election process to designate the root bridge. The root bridge then makes decisions on what ports to block and which ones to put in a forwarding mode. Spanning Tree can fall victim to attacks, such as an attacker sending multiple BPDU messages that create a constant state of reelecting the root bridge. An attacker can also launch a denial of service using a BPDU flood, take over the root bridge, or possibly claim another role. The Spanning Tree can also fail. BPDU Guard, Root Guard, and Loop Guard are features network administrators use to keep the active network topology predictable. We implement BPDU Guard on access ports to prevent receiving spoofed BPDUs. We enable PortFast and then configure BPDU Guard. Root Guard defends against an attack to take over the root bridge. Configure spanning-tree guard root or you could use rootguard. Mac spoofing is…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.