by Maher Haddad | Jun 5, 2022 | Switching
Another feature of Layer2 security is to make the entries on the bridge as static ones. If we look to the bridge, we can see the following entries in its Host table which are learned dynamically: If you want to make them static for security reason, you can do so. Just...
by Maher Haddad | Jun 5, 2022 | Switching
Also, another Layer2 Security feature is on the ARP level. As you know, every network device needs the source and destination MAC/IP to be able to send the data. In case the device doesn’t have the destination MAC address, he will issue an ARP request using broadcast,...
by Maher Haddad | Jun 5, 2022 | Switching
We are still speaking about the Layer2 security features, there is a nice feature which is Layer 2 Firewall. As on Layer3, Layer2 has also firewall possibility. That’s something we can see under the bridge filter. Most engineers like to use this feature to disallow...
by Maher Haddad | Jun 5, 2022 | Switching
Another nice Layer2 security feature that I like it very much is: Traffic Storm Control. Using this feature, you can limit broadcast storm on your interface, but not only that, you can also limit unknown multicast and unknown unicast. Broadcast storm can happen when...
by Maher Haddad | Jun 5, 2022 | Switching
Another Layer2 security feature is loop protect. As its name suggests, it is a protecting loop that exist on Layer2. I know that you may be wondering that we have seen this when we spoke about the Spanning-tree protocol. That’s true. For example, if you have 1 Switch...
by Maher Haddad | Jun 5, 2022 | Switching
Another topic that may be relevant is on Layer 2 security is DHCP Snooping. This is a feature that is available on MikroTik CRS3xx switches as well as all other MikroTik switches. DHCP snooping works as hardware-offload on MikroTik CRS3xx switches. Once you enable the...