Switches

These checks apply to network devices that act as switches: a device is checked if it maintains a MAC address table. A device can serve as both a router and a switch, in which case both groups of checks apply; in the MaxPatrol SIEM interface such a device is displayed with the router icon.

Port security not enabled (default check)

Port security is used to prevent MAC spoofing on an access interface. You must enable port security on all access interfaces.

Query result: access interfaces on which port security is not enabled.

Supported systems: Alcatel AOS, Cisco NX-OS, Huawei VRP, Juniper Junos OS.

Only standard port security configuration at the interface level is supported. Port security settings specific to Juniper Junos OS, namely settings shared by all interfaces (interface all) and VLAN-specific settings, are not analyzed or checked.

Port security not enabled (Cisco IOS)

Port security is used to prevent MAC spoofing on an access interface. You must enable port security on all access interfaces.

Query result: access interfaces on which port security is not enabled.

Supported systems: Cisco IOS, Cisco IOS XE.

The check for Cisco IOS is different because of DTP support: only interfaces configured in static access mode are treated as access ports. Dynamic ports (regardless of their actual negotiated state) are not checked.

DHCP snooping disabled

DHCP snooping protects the network by filtering untrusted DHCP messages and building a DHCP snooping binding table. It distinguishes untrusted interfaces, which connect to end users, from trusted interfaces, which connect to the DHCP server or another switch. You must enable DHCP snooping globally for all VLANs.

Query result: switches with DHCP snooping disabled globally.

Supported systems: Cisco IOS, Cisco IOS XE, Cisco NX-OS, Huawei VRP.

The DHCP snooping status is not checked for specific VLANs.
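The following is an added example, not MaxPatrol's own check logic: a small Python audit over a constructed Cisco IOS running-config that reproduces the two Cisco IOS checks described above (static access ports without port security, and DHCP snooping not enabled globally). The interface names, the sample config and the function names are all constructed for illustration.

```python
# Constructed sample Cisco IOS running-config (not from a real device).
SAMPLE_CONFIG = """\
interface GigabitEthernet1/0/1
 switchport mode access
 switchport port-security
!
interface GigabitEthernet1/0/2
 switchport mode access
 switchport port-security maximum 2
!
interface GigabitEthernet1/0/3
 switchport mode dynamic desirable
!
interface GigabitEthernet1/0/24
 switchport mode trunk
!
ip dhcp snooping vlan 10
end
"""

def parse_interfaces(config):
    """Map each 'interface X' block to its indented sub-commands."""
    blocks, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = line.split(" ", 1)[1]
            blocks[current] = []
        elif line.startswith(" ") and current is not None:
            blocks[current].append(line.strip())
        else:
            current = None  # '!' or a global command ends the block
    return blocks

def access_ports_without_port_security(config):
    """Static access ports ('switchport mode access') that lack the bare
    'switchport port-security' command. Trunk and DTP-dynamic ports are
    skipped, and a 'maximum N' option alone does not enable the feature."""
    return [name for name, cmds in parse_interfaces(config).items()
            if "switchport mode access" in cmds
            and "switchport port-security" not in cmds]

def dhcp_snooping_enabled_globally(config):
    """True only for the global 'ip dhcp snooping' command; a per-VLAN
    'ip dhcp snooping vlan ...' line does not count, as in the check above."""
    return any(line.strip() == "ip dhcp snooping"
               for line in config.splitlines() if not line.startswith(" "))
```

On the sample config, GigabitEthernet1/0/2 is the only finding for port security (1/0/3 is dynamic and 1/0/24 is a trunk), and DHCP snooping is reported as disabled because only a per-VLAN line is present.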
