DHCP Snooping+ARP Inspection vs. IP Source Guard
Can someone explain me the difference between “DHCP Snooping + ARP Inspection” and “IP Source Guard”? From user perspective they work exactly the same. Untrusted hosts which are not in the binding table are not able to connect to other hosts (based on IP/MAC). Are there any cons/pros to choose particular one? Did you see them in production networks? Be honest I have never seen any of them in any of my enterprise customers, so I’m just curious which one is better, more popular, etc.