[leezi]

Yes, dealt with DHCP starvation before. Key defenses:

DHCP snooping on switches Port security + MAC limits Redundant DHCP servers with failover Network segmentation For DRP/BCP: Real-time monitoring and automated incident response are essential.

Prevention beats recovery every time. What's your environment - enterprise or SMB?

[garduno_AA]

It's mostly an SMB setup, but we're aiming to implement enterprise-grade security where feasible. I'm especially interested in how others handle DHCP starvation prevention and what they include in DRP/BRP plans for the lower OSI layers.

We had an issue two days ago, because we didn't have that kind of configurations in our sophos.