Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Security Advise with Access-Layer Switches

Hi There,

I want to secure my access-layer switches, and need your advise on this. Is it more recommended to move the ports to a VLAN membership other than the default one while shutting down VLAN 1 interface and enabling only SSH management access to the new VLAN? Or do you think keeping ports membership to VLAN 1 won't hurt provided that SSH is enabled and not telnet?

Do you think having the ports members of VLAN 1 might lead to a security breach and what concerns could be associated with that?

Your advise is highly appreciated.

Thanks,

Haitham

1 REPLY
New Member

Re: Security Advise with Access-Layer Switches

You should find this usefull.

http://checklists.nist.gov/repository/1009.html

Generally it is better to have unused ports shutdown

or in a seperate VLAN.

HTH

92
Views
5
Helpful
1
Replies