CDP and LLDP

Cisco Discovery Protocol (CDP) and Link Layer Discover Protocol (LLDP) are data link layer protocols used to discover capabilities of network devices.

CDP and LLDP (distributed virtual switches only) allow administrators to automate deployment and configuration processes in complex network switching environments. These protocols also help avoid downtime due to misconfiguration of network devices.

Having CDP or LLDP “advertising” on the host ports is a potential security problem because CDP or LLDP show switch information that should be protected. As a safeguard, control the interfaces that run CDP or LLDP because the network topology information that is supplied by these protocols could be used by an unauthorized user to perform a security exploit.