Layer 2 Security – No Longer Ignored

When: April 25, 2006 (12:00 - 2:00pm)
Where: Sutton Place Hotel, 845 Burrard Street
Cost: $40 for ISSA and ISACA members, and $50 for non-members

Registration is through the ICABC Professional Development Department at 604-488-2641 or email ISSA members should state that they are ISSA members when they register.

Allan Alton Biography

Allan Alton has a BSc in Computer Science and maintains the CISA, CISSP, and NetAnalyst certifications. His involvement with computer systems controls dates back over the past 23 years. He has worked in both IS Security and Audit with Sears. Allan started the IS Security group at WorkSafeBC in 1988. In 1995 Allan changed careers by moving into the network group to follow a much more technical role. Yet as it turned out, the network was where all the hot security issues would be so he was never far from his old life.

Allan’s passion in security has been to help educate the public about Internet security issues. His vision is to see security professionals throughout the world offering public education as a free community service.

Presentation - Layer 2 Security – No Longer Ignored.

Traditional security controls have been placed at OSI layers 3 and 4. In the world of IP these layers would be the IP address and the TCP or UDP port respectively. Modern network control devices are looking even deeper into the packets to control access at the application layer 7. Yet controls at layer 2 have been sadly lacking. Layer 2 frames have been able to pass between layer 2 devices without any control device to intervene. This lack of control has created an opportunity for the development of exploits at the data link layer 2.

This presentation will review some of the layer 2 exploits and how the intelligence being designed into modern switches can be used to prevent these exploits or reduce their impact. While the presentation will be from the perspective of Cisco Systems hardware, the principles will be generic enough to apply to other switch manufacturers. Attendees should have a basic understanding of the OSI Reference Model and how the
Internet Protocol (IP) functions at the various OSI layers although a very brief review will be included.