My engineer has a question regards to CDP.
If we were to turn CDP off on a interface level would we still receive alerts on that interface i.e. up/down errors status in CiscoWorks.
In terms of security, it's best to disable CDP on all interfaces/ports which go to devices you do not manage, or to user access ports. I realize it may not always be possible to turn off CDP to access ports given things like IP telephony, but it should be very doable on links to devices that you do not manage (e.g. ISP devices). This way you're not providing people with more information than they need to know. Keeping CDP enabled on infrastructure links that interconnect managed devices should not open you up to any security problems.