DGS-3100 Series Gigabit Stackable Managed Switch User Manual
Configuring Port Security
Network security can be increased by limiting access on a specific port only to users with specific MAC addresses. The
MAC addresses can be dynamically learned or statically configured. Locked port security monitors both received and
learned packets that are received on specific ports. Access to the locked port is limited to users with specific MAC addresses.
These addresses are either manually defined on the port, or learned on that port up to the point when it is locked. When a
packet is received on a locked port, and the packet source MAC address is not tied to that port (either it was learned on a
different port, or it is unknown to the system), the protection mechanism is invoked, and can provide various options.
Unauthorized packets arriving at a locked port are either:
• Discarded with no trap
• Discarded with a trap
Locked port security also enables storing a list of MAC addresses in the configuration file. The MAC address list can be
restored after the device has been reset. To define port security:
1. Click Security > Port Security. The
Port Security Page opens:
Figure 5-10. Port Security Page
The
Port Security Page contains the following fields:
Field Description
Unit
Displays the stacking member’s ID for which the port security parameters are displayed.
From Port
Indicates the port number from which the port security parameters are displayed.
To Port
Indicates the port number to which the port security parameters are displayed.
Admin State
Indicates if port security on the device. The possible field values are:
Enable — Indicates that port security is enabled on the device.
Disable — Indicates that port security is disabled on the device. This is the default value.
Max Address(0-64)
0 means classic lock. 1-64 defines the number of MAC addresses that can be learned on the
port. The field value is 0-64. The field default is 0.
Port
Displays the specific port number.
97
To Next Page
Loading...
