Security
802.1X
Cisco 500 Series Stackable Managed Switch Administration Guide 460
21
• Trap—Select to enable traps when a packet is received on a locked port.
This is relevant for lock violations. For Classic Lock, this is any new address
received. For Limited Dynamic Lock, this is any new address that exceeds
the number of allowed addresses.
• Trap Frequency—Enter minimum time (in seconds) that elapses between
traps.
STEP 4 Click Apply. Port security is modified, and the Running Configuration file is
updated.
802.1X
See the Security: 802.1X Authentication chapter for information about 802.1X
authentication. This includes MAC-based and web-based authentication.
Denial of Service Prevention
A Denial of Service (DoS) attack is a hacker attempt to make a device unavailable
to its users.
DoS attacks saturate the device with external communication requests, so that it
cannot respond to legitimate traffic. These attacks usually lead to a device CPU
overload.
Secure Core Technology (SCT)
One method of resisting DoS attacks employed by the device is the use of SCT.
SCT is enabled by default on the device and cannot be disabled.
The Cisco device is an advanced device that handles management traffic,
protocol traffic and snooping traffic, in addition to end-user (TCP) traffic.
SCT ensures that the device receives and processes management and protocol
traffic, no matter how much total traffic is received. This is done by rate-limiting
TCP traffic to the CPU.
There are no interactions with other features.
To Next Page
Loading...
