Episode 111 — Port Security: limiting lateral movement at the edge

Port security appears in CloudNetX objectives because edge access is where unauthorized devices most often enter, and controlling that entry reduces lateral movement risk before higher-layer controls ever engage. This episode defines port security as limiting which devices can use a switch port, typically by restricting the number of learned MAC addresses, enforcing expected device identity, and triggering actions when unexpected devices appear. The opening focuses on the design intent: prevent someone from plugging in a rogue device, prevent a small unmanaged switch from expanding access at a desk, and reduce the chance that an attacker gains network presence simply by finding an unused jack. It also explains that port security is strongest when applied at the access layer, where endpoint variability and therefore risk are highest, and that it should align with broader identity and segmentation strategies rather than acting as the only gate.
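As an added example (not part of the episode and not any vendor's implementation), this Python model simulates the three mechanisms the paragraph lists: a learned-MAC limit, sticky learning as the port's expected identity, and a violation action when an unexpected device appears. The port name, MAC addresses and the violation-mode names "protect", "restrict" and "shutdown" are constructed or assumed for illustration.

```python
"""Toy model of MAC-limit port security on an access port (added example, not a real switch)."""
from dataclasses import dataclass, field

@dataclass
class Port:
    name: str
    max_macs: int = 1            # how many source MACs the port may learn
    violation: str = "restrict"  # "protect" | "restrict" | "shutdown" (vendor-style names, assumed)
    sticky: bool = True          # keep learned MACs across link flaps as the port's expected identity
    allowed: set = field(default_factory=set)
    enabled: bool = True
    events: list = field(default_factory=list)

    def ingress(self, src_mac: str) -> bool:
        """Return True if a frame from src_mac is forwarded, False if it is dropped."""
        mac = src_mac.lower()
        if not self.enabled:            # err-disabled port forwards nothing
            return False
        if mac in self.allowed:
            return True
        if len(self.allowed) < self.max_macs:
            self.allowed.add(mac)       # learn a new device while under the limit
            return True
        # Limit exceeded: an unexpected device (rogue host, desk mini-switch) appeared.
        if self.violation == "protect":
            return False                # drop silently, leaving no record for monitoring
        self.events.append(f"{self.name}: violation from {mac}, expected {sorted(self.allowed)}")
        if self.violation == "shutdown":
            self.enabled = False        # take the port down until an operator clears it
        return False

    def link_down(self) -> None:
        """Cable unplugged: dynamic entries age out, sticky entries stay."""
        if not self.sticky:
            self.allowed.clear()

def desk_scenario(violation: str = "restrict") -> dict:
    """Constructed scenario: a single-device desk port meets an unmanaged mini-switch."""
    port = Port("Gi1/0/7", max_macs=1, violation=violation)   # constructed port name
    laptop, phone, stranger = "00:11:22:33:44:55", "00:11:22:33:44:66", "de:ad:be:ef:00:01"  # constructed
    out = {"laptop": port.ingress(laptop)}          # first device is learned
    out["phone"] = port.ingress(phone)              # second MAC exceeds the limit
    out["laptop_again"] = port.ingress(laptop)      # only restrict/protect keep the laptop working
    port.link_down()                                # sticky learning survives the flap
    out["stranger"] = port.ingress(stranger)        # a swapped-in device is still rejected
    out["events"], out["enabled"] = len(port.events), port.enabled
    return out
```

Running the scenario in "protect" mode shows the detection caveat: frames are dropped but no event is recorded, so "restrict" or "shutdown" is what gives monitoring something to act on.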