Introduction ·························································································································································· 307
Configuration procedure ···································································································································· 307
Introduction ·························································································································································· 307
Configuration procedure ···································································································································· 307
Configuring ARP detection ·········································································································································· 308
Introduction ·························································································································································· 308
Enabling ARP detection based on static IP source guard binding Entries/DHCP snooping entries/802.1X
Introduction ·························································································································································· 315
Configuration procedure ···································································································································· 315
Configuring ARP filtering ············································································································································· 317
Introduction ·························································································································································· 317
Configuration procedure ···································································································································· 317
ND attack defense configuration ··························································································································· 319
Introduction to ND detection ······························································································································ 320
Configuring ND detection ·································································································································· 321
SAVI configuration ·················································································································································· 325
SAVI overview ······························································································································································ 325
Global SAVI configuration ·········································································································································· 325
System-guard configuration ···································································································································· 333
Configuring system-guard ··········································································································································· 333
Displaying system-guard ·············································································································································· 334
Network requirements ········································································································································· 334
Configuration procedure ···································································································································· 334
Configuring FIPS······················································································································································ 335
Overview ······································································································································································· 335
FIPS self-tests ································································································································································· 335
Power-up self-test ················································································································································· 335
Conditional self-tests ············································································································································ 335
Triggering a self-test ············································································································································ 335
Configuration procedure ············································································································································· 336
viii