Index – 5
bpdu protection, none …1-8
SSH, disabled … 1-4, 6-2
SSL, disabled … 1-5, 7-2
TACACS+
authentication configuration … 4-9
authentication, disabled … 1-5, 4-2
login attempts, 3 …4-6
tacacs-server-timeout, 5 seconds …4-23
TCP port number for SSH connections,
22 …6-18
TCP port number for SSL connections,
443 …7-19
Telnet access, enabled …1-4
traffic filters, none …9-2
traffic/security filters, none …1-7
UDP destination port for accounting,
1813 …5-7
UDP destination port for authentication,
1812 …5-7
user authentication, disabled …6-2
virus throttling, none …1-8
Web and MAC authentication … 3-3–3-54
Web authentication, disabled …1-6
Web-browser access, enabled …1-4
denial-of-service
avoid attacks using DHCP snooping … 8-4
monitoring system resources … 8-33
DES …7-3
DHCP Option 82
IP-to-MAC binding database … 8-20, 8-28
DHCP protection
See DHCP snooping.
DHCP snooping …8-4
authorized server … 8-5
binding database … 8-12
changing remote-id … 8-11
configuring authorized server address … 8-9
database … 8-5
denial-of-service attack … 8-4
DHCPACK … 8-5
DHCPDECLINE … 8-5
DHCPNACK … 8-5
DHCPOFFER … 8-5
DHCPRELEASE … 8-5
disable MAC check … 8-11
disabling … 8-5
dropping packets … 8-5
enabling … 8-5
debug logging … 8-13
on trusted ports … 8-8
on VLANs … 8-6, 8-7
IP-to-MAC binding database … 8-20, 8-28
log messages … 8-14
Option 82 … 8-9
option parameter … 8-6
remote-id … 8-10
show configuration … 8-6
stats … 8-6
trust … 8-6
untrusted-policy … 8-10
verify … 8-6
documentation
feature matrix … -xviii
latest versions … -xvii
printed in-box publication … -xvii
release notes … -xvii
duplicate IP address
effect on authorized IP managers … 12-13
dynamic ARP protection
additional validation checks on ARP
packets … 8-21
ARP packet debugging … 8-23
displaying ARP statistics … 8-22
enabling … 8-16
IP-to-MAC binding, adding to DHCP
database … 8-20, 8-28
trusted ports, configuring … 8-18
verify
ing configuration … 8-21
Dynamic Configuration Arbiter (DCA)
applying settings to non-authenticated
clients … 1-18
hierarchy of precedence in authentication
sessions … 1-19
overview … 1-17
dynamic IP lockdown
debugging … 8-31
DHCP binding database … 8-25
DHCP leases … 8-25
DHCP snooping … 8-24
enabling … 8-26
filtering IP addresses … 8-25
overview … 8-23
spoofing protection … 8-24
verifying configuration … 8-29
VLAN binding…8-25
