Attack prevention methods used by DHCP snooping on S series switch

For S series switches (except S1700 switches), DHCP Snooping provides the trust function and binding table checking function to prevent man-in-the-middle attacks. The DHCP Snooping trust function sets the interface connected to an authorized DHCP server as the trusted interface, so that clients can obtain IP addresses from the authorized DHCP server, preventing bogus DHCP server attacks. The DHCP snooping binding table checking function prevents DHCP attacks from unauthorized users, such as DHCP flood attacks, bogus DHCP server attacks, and DHCP server DoS attacks.

Scroll to top