jskfan

<div>
so what DAI &nbsp;provides that DHCP snooping alone does not ? in other words if you configure DHCP snooping by itself , what will you be missing ?
</div>


so what DAI  provides that DHCP snooping alone does not ? in other words if you configure DHCP snooping by itself , what will you be missing ?

<div>
DHCP snooping protects ONLY from rogue DHCP servers<br />
DAI protects against MITM attacks
</div>


DHCP snooping protects ONLY from rogue DHCP servers
DAI protects against MITM attacks

<div>
In other words - DAI is implemented as protection from ARP poisoning.
</div>


In other words - DAI is implemented as protection from ARP poisoning.

<div>
<div class="content wysiwyg-content">
Is it Enough to configure DHCP Snooping without ARP Inspection<br />
<br />
I would like to know if it is efficient to configure just DHCP Snooping and do not configure ARP Inspection.<br />
&nbsp;I thought DHCP snooping is enough to avoid having Rogue DHCP in the Network. So what &nbsp;else that ARP Inspection adds to the DHCP Snooping ?<br />
<br />
Thank you
</div>
</div>


Is it Enough to configure DHCP Snooping without ARP Inspection

I would like to know if it is efficient to configure just DHCP Snooping and do not configure ARP Inspection.
 I thought DHCP snooping is enough to avoid having Rogue DHCP in the Network. So what  else that ARP Inspection adds to the DHCP Snooping ?

Thank you

Is it Enough to configure DHCP Snooping without ARP Inspection

A switch is a device that filters and forwards packets of data between LAN segments. Switches operate at the data link layer or the network layer of the Open Systems Interconnection (OSI) Reference Model and therefore support any packet protocol. LANs that use switches to join segments are called switched LANs or, in the case of Ethernet networks, switched Ethernet LANs. A hub is a connection point for devices in a network. Hubs are commonly used to connect segments of a LAN. A hub contains multiple ports; when a packet arrives at one port, it is copied to the other ports so that all segments of the LAN can see all packets.

Switches / Hubs

The Dynamic Host Configuration Protocol (DHCP) is an auto configuration protocol used on IP networks and an extension of the Bootstrap Protocol. DHCP allows for computers to be configured automatically to communicate with each other over an IP network without the need for manual setup by a network administrator. The implementation of DHCP relies on a DHCP server to hand out network configuration information to DHCP-capable clients that request an IP address (and other information required or useful in communicating with other devices on an IP network). In addition to an IP address, common configuration information served over DHCP includes a default gateway, subnet mask and DNS sever(s).

DHCP

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.

Network Security

Network Operations includes asset management, help-desk supervision, security and user policies, infrastructure administration and anything else that affects the operation of your network. Discussions will include those of best practices in platforms, configurations, performance, security and accounting.