CHAPTER
Send feedback to nx5000-docfeedback@cisco.com
1-1
Cisco Nexus 5000 Series Switch CLI Software Configuration Guide
OL-16597-01
1
Configuring Port Security
Cisco Nexus 5000 Series switches provide port security features that reject intrusion attempts and report
these intrusions to the administrator.
Note Port security is supported on virtual Fibre Channel ports and physical Fibre Channel ports.
This chapter includes the following sections:
• Information About Port Security, page 1-1
• Configuring Port Security, page 1-3
• Enabling Port Security, page 1-5
• Port Security Activation, page 1-5
• Auto-Learning, page 1-7
• Port Security Manual Configuration, page 1-10
• Port Security Configuration Distribution, page 1-12
• Database Merge Guidelines, page 1-14
• Database Interaction, page 1-15
• Displaying Port Security Configuration, page 1-19
• Default Settings, page 1-19
Information About Port Security
Typically, any Fibre Channel device in a SAN can attach to any SAN switch port and access SAN
services based on zone membership. Port security features prevent unauthorized access to a switch port
in the Cisco Nexus 5000 Series switch, using the following methods:
• Login requests from unauthorized Fibre Channel devices (N ports) and switches (xE ports) are
rejected.
• All intrusion attempts are reported to the SAN administrator through system messages.
• Configuration distribution uses the CFS infrastructure, and is limited to those switches that are CFS
capable. Distribution is disabled by default.
• Configuring the port security policy requires the Storage Protocol Services license. For additional
information, see Chapter 1, “Managing Licenses.”
To Next Page
Loading...
