Configuring Port and System Security 481
19
Configuring Port and System
Security
This chapter describes how to configure port-based security features, which
control access to the network through the switch ports, and the denial of
service (DoS) feature.
Port-based security includes IEEE 802.1X authentication and port MAC
locking.
• IEEE 802.1X provides an authentication mechanism to devices connected
to the switch. Network access is permitted only to authorized devices
(clients).
• Port MAC locking is used to enable security on a per-port basis. When a
port is locked, only packets with allowable source MAC addresses can be
forwarded. All other packets are discarded. Port-MAC locking allows a
configurable limit to the number of source MAC addresses that can be
learned on a port.
The topics covered in this chapter include:
• IEEE 802.1X
• Port Security (Port-MAC Locking)
• Denial of Service
NOTE: Port-based security can also be accomplished by using Access Control
Lists (ACLs). For information about configuring ACLs, see "Configuring Access
Control Lists" on page 523.
To Next Page
Loading...
