DAI and IP source guard are two security features that have been introduced to reduce the risks of some type of attacks that involve Man in the middle concept.
If an attacker is present in a Vlan with a focused ARP activity it can introduce itself in the communications between host(s) and default gateway: it provides its MAC address as the MAC address of the next hop to the hosts and its MAC address as that of the hosts to the router.
So the attacker PC can capture both directions of a communication.
DAI and IP source guard tracks ARP requests and associations of ports, MAC addresses, IP addresses so that when an attempt is made to take the identity of another device the switch can filter the suspicius ARP message.
These features can be combined with ip DCHP binding with the same target for blocking DHCP man in the middle attacks.
The switch builds tables to track port, MAC, ip address of legitimate hosts.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...