The musings of an IT Consultant

Aug 31 2009   2:43PM GMT

VTP – should you use it?

Raj Perumal

Hi folks! So welcome to the wonderful world of networking! You buy that fancy brand new Cisco switch and you think to yourself, “I have this cool feature called VTP (VLAN Trunking Protocol) and I want to use it to automatically deploy VLANs across all of my switches! This will save me tons of configuration time!” Well, should you really do this? Here are my thoughts on the matter.

It seems there are two schools of thought on this. On one side, VTP is a great protocol for quickly configuring switches; it takes the monotony out of configuring switches with tons of VLANs. On the other side, VTP is easily taken advantage of. If your network is not properly secured, an attacker could easily use VTP to compromise your network!

So this is what I would recommend: don’t use it unless you absolutely have to. Even if you do end up using it, remember to lock down your switch using best practices. Turn off all unnecessary trunk ports, and enable port security where possible. Also, even if you use a password with VTP, it has been proven that there are methods to retrieve this password.
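One way to check a switch against the lock-down points above is to audit its saved configuration. This is an added example, not code from the original post: the `audit` function, the sample config and the finding texts are constructed for illustration. It assumes IOS-style running-config text, treats a missing `vtp mode transparent`/`vtp mode off` line as VTP being active, and also flags ports that can still negotiate a trunk.

```python
import re

# Constructed sample running-config (not taken from the original post).
SAMPLE_CONFIG = """\
vtp domain LAB
!
interface GigabitEthernet0/1
 description uplink to core
 switchport mode trunk
 switchport nonegotiate
!
interface GigabitEthernet0/2
 description user port
 switchport mode access
 switchport port-security
!
interface GigabitEthernet0/3
 description unused wall jack
 switchport mode dynamic desirable
!
interface GigabitEthernet0/4
 description printer
 switchport mode access
"""

def audit(config):
    """Return (scope, finding) tuples for the lock-down points in the post."""
    findings = []
    # Assumption: without 'vtp mode transparent' or 'vtp mode off' the switch
    # is treated as a VTP server/client that accepts VLAN advertisements.
    if not re.search(r"^vtp mode (transparent|off)\s*$", config, re.M):
        findings.append(("global", "VTP active (not transparent/off)"))
    # Each stanza is an 'interface' line followed by its indented lines.
    for m in re.finditer(r"^interface (\S+)\n((?:[ \t]+.*\n?)*)", config, re.M):
        name = m.group(1)
        lines = [line.strip() for line in m.group(2).splitlines()]
        mode = next((line[len("switchport mode "):] for line in lines
                     if line.startswith("switchport mode ")), None)
        # Assumption: a port with no explicit mode is treated as dynamic.
        if mode is None or mode.startswith("dynamic"):
            findings.append((name, "port can negotiate a trunk"))
        elif mode == "trunk" and "switchport nonegotiate" not in lines:
            findings.append((name, "trunk port still negotiates (DTP on)"))
        elif mode == "access" and "switchport port-security" not in lines:
            findings.append((name, "access port without port security"))
    return findings
```

Run against the sample, it reports VTP as active, the dynamic port on GigabitEthernet0/3, and the access port on GigabitEthernet0/4 that lacks port security.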

