03-25-2008 09:48 AM
My engineer has a question regards to CDP.
If we were to turn CDP off on a interface level would we still receive alerts on that interface i.e. up/down errors status in CiscoWorks.
Solved! Go to Solution.
03-25-2008 11:00 AM
In terms of security, it's best to disable CDP on all interfaces/ports which go to devices you do not manage, or to user access ports. I realize it may not always be possible to turn off CDP to access ports given things like IP telephony, but it should be very doable on links to devices that you do not manage (e.g. ISP devices). This way you're not providing people with more information than they need to know. Keeping CDP enabled on infrastructure links that interconnect managed devices should not open you up to any security problems.
03-25-2008 10:29 AM
Yes. Provided the interface is managed in DFM, it will still provide unreachable events for that interface. However, without CDP, Campus Manager will not be able to ascertain the related topology.
03-25-2008 10:56 AM
Thanks for your response. Preparing for an network audit and security is asking if we can turn off CDP but we are in a battle with them right now. I am aware that Campus Manager will be affected if we were to do this hopefully we won't thanks.
03-25-2008 11:00 AM
In terms of security, it's best to disable CDP on all interfaces/ports which go to devices you do not manage, or to user access ports. I realize it may not always be possible to turn off CDP to access ports given things like IP telephony, but it should be very doable on links to devices that you do not manage (e.g. ISP devices). This way you're not providing people with more information than they need to know. Keeping CDP enabled on infrastructure links that interconnect managed devices should not open you up to any security problems.
03-25-2008 11:09 AM
You are right. Thanks so much....this is why I'm always in the cisco forum.....very valuable information.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide