Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

CDP and Network security

Hi,

If CDP is activated and someone succeeded to get in one device in the network can he easly get in the other devices??

Please if you have any document about CDP and Network security this my email tw_sabri@yahoo.fr

thanks for your help and have a nice day.

2 REPLIES
Hall of Fame Super Silver

Re: CDP and Network security

Sabri

In general I believe that CDP poses little security threat on the inside of the network. On interfaces which connect outside of the network we may frequently disable CDP on those interfaces because we do not want to send any information about our network to devices outside of the network.

But on interfaces which connect inside of the network there is very little security exposure in running CDP. If someone manages to access one device in your network CDP is a minor concern. How easy or how difficult it is to access other devices depends on how well protected the other devices are. Most of the things that someone could learn from CDP (like version of software) do not contribute to being able to access a device. And the information that might aid in accessing other devices (like their IP addresses or names) are available through other ways (like the ARP table, and DNS resolution of names).

So my advice is to disable CDP on interfaces that connect outside of your network. And continue to run CDP on interfaces that connect inside your network.

HTH

Rick

New Member

Re: CDP and Network security

thanks for your help Rick it's very kind of you .have a nice day.

253
Views
0
Helpful
2
Replies