Introduction to CDP (Cisco Discovery Protocol)

Hello Jacqueline

CDP is a proprietary protocol designed by Cisco to help administrators collect information about both locally attached and remote devices. There are scenarios and cases where you would want to disable CDP. Some of these are described below:

  • CDP can be a security risk as it broadcasts information about your network devices like device ID, IP address, platform, capabilities, etc. An attacker with access to the network can use this information to understand the network topology and plan attacks.
  • Non-Cisco Devices: If your network includes non-Cisco devices, enabling CDP may not be beneficial as it is a proprietary protocol and may not be supported by other vendors.
  • Network Traffic: CDP messages are multicast every 60 seconds by default, which can consume unnecessary bandwidth and processing power on your network devices. In a large network with many Cisco devices, this could lead to significant network traffic.
  • Unnecessary in Static Networks: If your network topology is static and doesn’t change often, there may be little benefit to having CDP enabled.
  • Public Facing Interfaces: It is not advisable to enable CDP on interfaces that are facing the internet or untrusted networks. This can expose your device details to potential attackers.

The typical rule of thumb is: if you don’t need it, don’t activate it.

I hope this has been helpful!

Laz
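The following IOS configuration is an added example, not part of Laz's reply, showing the two ways the "if you don't need it, don't activate it" rule is usually applied: disabling CDP globally, or keeping it for internal troubleshooting while switching it off on the interfaces the post calls out as risky (internet-facing or untrusted). The interface name `GigabitEthernet0/1` and its description are placeholders, not values from the post.

```cisco
! Added example (not from the original post). Interface names are placeholders.

! --- Weak default: CDP runs globally and advertises on every interface ---
! These are the IOS defaults; shown here only to make the exposure explicit.
cdp run
! advertisements sent every 60 seconds
cdp timer 60
! neighbours cache our device ID, platform, addresses etc. for 180 seconds
cdp holdtime 180

! --- Option A: CDP is not needed at all (non-Cisco or static network) ---
! Turn it off on the whole device in one step.
configure terminal
 no cdp run
end

! --- Option B: keep CDP internally, but never on untrusted interfaces ---
! CDP stays on for the internal links that benefit from neighbour discovery
! and is disabled per interface where it would leak details to outsiders.
configure terminal
 cdp run
 interface GigabitEthernet0/1
  description PLACEHOLDER-UPLINK-TO-UNTRUSTED-NETWORK
  no cdp enable
 exit
end

! --- Verify ---
! "show cdp" reports whether CDP is running globally; "show cdp interface"
! lists only the interfaces still sending and receiving CDP, so the
! untrusted uplink must be absent from that list.
show cdp
show cdp interface
show cdp neighbors detail
```

Option A is the simpler and safer choice when nothing on the network relies on CDP; Option B is the compromise when internal troubleshooting still depends on `show cdp neighbors`, and in that case the interface list from `show cdp interface` is the thing to re-check after every change that adds an external link.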