Friday, 26 July 2013

Checklist for Auditing Layer 2 Devices



1. Verify that administrators avoid using VLAN 1.
2. Evaluate the use of trunk autonegotiation.
3. Verify that Spanning-Tree Protocol attack mitigation is enabled (BPDU Guard, Root Guard).
4. Evaluate the use of VLANs on the network.
5. Disable all unused ports, and put them in an unused VLAN.
6. Evaluate use of the VLAN Trunking Protocol (VTP) in the environment.
7. Verify that thresholds exist that limit broadcast/multicast traffic on ports.
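
One way to automate part of this checklist, as an added example that is not from the original post: the script below flags items 1, 2, 3, 5 and 7 per port and reports the VTP mode for item 6. It assumes Cisco IOS-style configuration syntax (the checklist names no vendor), looks only at per-port access settings, and runs on a constructed sample configuration; the function names are hypothetical.

```python
import re

# Constructed sample in Cisco IOS-style syntax (an assumption; the checklist names no vendor).
SAMPLE_CONFIG = """\
vtp mode server
interface GigabitEthernet0/1
 switchport mode access
 switchport access vlan 20
 switchport nonegotiate
 spanning-tree bpduguard enable
 storm-control broadcast level 5.00
interface GigabitEthernet0/2
 switchport mode dynamic desirable
interface GigabitEthernet0/3
 switchport access vlan 999
 shutdown
"""

def parse_interfaces(config):
    """Return {interface name: [indented config lines under it]}."""
    interfaces, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = interfaces.setdefault(line.split(None, 1)[1], [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # back at global configuration level
    return interfaces

def audit_port(lines):
    """Return checklist findings for one access port (global defaults are not considered)."""
    # No explicit access VLAN, or an explicit "vlan 1", both leave the port in VLAN 1.
    in_vlan1 = not any(re.fullmatch(r"switchport access vlan (?!1$)\d+", l) for l in lines)
    if "shutdown" in lines:  # item 5: a disabled port should also be moved out of VLAN 1
        return ["item 5: disabled port still in VLAN 1"] if in_vlan1 else []
    checks = [
        (in_vlan1, "item 1: access VLAN is VLAN 1"),
        ("switchport nonegotiate" not in lines, "item 2: trunk negotiation (DTP) not disabled"),
        (not {"spanning-tree bpduguard enable", "spanning-tree guard root"} & set(lines),
         "item 3: no BPDU Guard or Root Guard"),
        (not any(l.startswith("storm-control ") for l in lines), "item 7: no storm-control threshold"),
    ]
    return [message for failed, message in checks if failed]

def audit(config):
    """Return {port: findings} for ports with findings, plus the VTP mode under 'vtp' (item 6)."""
    report = {name: f for name, lines in parse_interfaces(config).items() if (f := audit_port(lines))}
    vtp = re.search(r"^vtp mode (\S+)", config, re.M)
    report["vtp"] = [f"item 6: VTP mode is {vtp.group(1) if vtp else 'not stated in config'}"]
    return report
```

Item 4 and the question of whether a given VLAN is really unused still need a reviewer's judgement; the script only confirms that a disabled port is not left in VLAN 1.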
