Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
229
Views
0
Helpful
1
Replies

Layer2 path discovery and mitigation

hoffa2000
Level 3
Level 3

‎09-04-2007 06:47 AM - edited ‎03-09-2019 06:44 PM

Hi

I've had a MARS50 online for about a month now and has never really

got layer 2 mitigation to work. We have a network built with only

Cisco equipment so the procedure should be straight forward I would

think.

Our design is pretty basic: 5 Cat2950 access switches serving the

office along with a Cat4503 as a distribution switch. All these are

running native IOS. The 4503 is connected with a layer 2 trunk to our

co-location where the routing and firewalling takes place in a Cat6513

also running native IOS.

What I would like to see, as described in the MARS user guide, is the

port of the access switch presented in the incident graph. Today I

only see a straight line from the attacking host over the network

object and the target and have no option to mitigate the threat. All

access switches are enabled and discoverable by MARS and have snmp

selected as access method.

What am I missing here?

Regards

Fredrik Hofgren

Labels:
0 Helpful
1 Reply 1

avai2005uk
Level 1
Level 1

‎09-07-2007 02:13 AM

Hi there,

can u please tell me are you using SNMP RO string of SNMP RW string?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents