Happy (secure) switching.

Let’s break down what this lab teaches and why it matters in the real world. Imagine you are responsible for a corporate network. Users are in VLAN 10 (Employees) and VLAN 20 (Guests). The lab presents a simple topology: one multilayer switch (distribution), one layer 2 switch (access), and a few PCs.

On any port that should not be a trunk (i.e., all end-user ports), explicitly turn off trunking:

The four techniques in form the backbone of the Cisco Cyber Threat Defense model:

Layer 2 security is invisible when done right. But when it's missing, the whole network crumbles. What other Layer 2 attacks worry you most—CDP/LLDP recon, STP manipulation, or ARP poisoning? Drop a comment below.

In the world of networking, we often talk about firewalls, ACLs, and encryption. But what happens if an attacker simply unplugs a legitimate user’s laptop and plugs in a rogue device? What if they spoof a VLAN or launch a MAC flood?

Take the time to run this lab. Break it on purpose. Watch the show port-security , show dhcp snooping binding , and show interfaces status err-disabled outputs.