Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
You may experience some slow load times, errors, and slight inconsistencies. We ask for your patience as we finalize the launch. Thank you.

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Layer2 path discovery and mitigation

Hi

I've had a MARS50 online for about a month now and has never really

got layer 2 mitigation to work. We have a network built with only

Cisco equipment so the procedure should be straight forward I would

think.

Our design is pretty basic: 5 Cat2950 access switches serving the

office along with a Cat4503 as a distribution switch. All these are

running native IOS. The 4503 is connected with a layer 2 trunk to our

co-location where the routing and firewalling takes place in a Cat6513

also running native IOS.

What I would like to see, as described in the MARS user guide, is the

port of the access switch presented in the incident graph. Today I

only see a straight line from the attacking host over the network

object and the target and have no option to mitigate the threat. All

access switches are enabled and discoverable by MARS and have snmp

selected as access method.

What am I missing here?

Regards

Fredrik Hofgren

  • Other Security Subjects
1 REPLY
New Member

Re: Layer2 path discovery and mitigation

Hi there,

can u please tell me are you using SNMP RO string of SNMP RW string?

102
Views
0
Helpful
1
Replies