|
This has two side effects, both unpleasant:
As mentioned, the MAC address table fills to capacity, preventing legitimate entries from being made.
The large number of unnecessary frame flooding quickly consumes bandwidth as well as overall switch resources.
The best defense against MAC Address Flooding is a good offense, and in this case, that offense consists of port-based authentication and port security. By making sure our host devices are indeed who we think they are and authenticating them before they join our network, we reduce the potential for an intruder to unleash a MAC Address Flooding attack on our network. The key isn't to fight the intruder once they're in our network - the key is to keep them out in the first place!
Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage, home of free
CCNP exam
and CCNA Certification
tutorials, The Ultimate CCNA Study Package, and Ultimate CCNP Study
Packages. You can also visit his blog, which is updated several times daily with
new Cisco certification articles, free tutorials, and daily CCNA / CCNP exam
questions! Details are on the website. For a FREE copy of his latest e-books,
“How To Pass The CCNA” and “How To Pass The CCNP”, just visit the website! You
can also get FREE CCNA and CCNP exam questions every day! Get your
Microsoft Vista certification with The Bryant Advantage!
|
|
SIGN
UP FOR FREE
