Security in the data link layer of the OSI model on LANs wired Cisco

There are no technologies or protocols completely secure in network infrastructures, for this reason, this document aims to demonstrate the importance of configuring security options on network equipments. On this occasion we will focus on the data link layer of the OSI model, which is where controls have begun to be implemented at level of protocols. The tools that are used in the research facilitate the implementation of a virtual laboratory, which consists of a base operating system (windows) in which virtualbox is installed to mount linux mint, which will generate attacks; while in VMware, we installed a virtual machine that allows you to add the image of a switch to our network simulation software (GNS3), which integrates all the components. The tests were able to identify the vulnerabilities in MAC, ARP, VLAN and STP, and then to proceed to patch these security aws. Keeping the setting by default or ignoring the characteristics of network equipment are usually the reasons why these vulnerabilities exist. Finally, it was proved how easy it can be to run an attack and at the same time to implement security measures on the layer 2 of the OSI.