Solved: Hi,

glogloglik · ‎07-28-2017

Hello all,

I have always read how it is the best security practice to put unused ports on switch/router into shutdown state. However, at work they put them in unused VLAN which serves just for this purpose.

The only config on that interface:

#switchport mode access

#switchport access vlan 111

By the way, VLAN 111 is active.

I searched a lot on this topic but still do not have the answer. Is it a good security practice? And is it better than shutting down the ports?

Thank you very much for any help :)

Shutdown ports or put them in VLAN?