CHAPTER 13 | Security Measures
Configuring Port Security
• When the port security state is changed from enabled to disabled, all
  dynamically learned entries are cleared from the address table.
• If port security is enabled, and the maximum number of allowed
  addresses is set to a non-zero value, any device not in the address
  table that attempts to use the port will be prevented from accessing the
  switch.
• If a port is disabled (shut down) due to a security violation, it must be
  manually re-enabled from the Interface > Port > General page
  (page 145).
• A secure port has the following restrictions:
  ◦ It cannot be used as a member of a static or dynamic trunk.
  ◦ It should not be connected to a network interconnection device.
PARAMETERS
These parameters are displayed:
• Port – Port identifier.
• Security Status – Enables or disables port security on an interface.
  (Default: Disabled)
• Port Status – The operational status:
  ◦ Secure/Down – Port security is disabled.
  ◦ Secure/Up – Port security is enabled.
  ◦ Shutdown – Port is shut down in response to a port security
    violation.
• Action – Indicates the action to be taken when a port security violation
  is detected:
  ◦ None: No action should be taken. (This is the default.)
  ◦ Trap: Send an SNMP trap message.
  ◦ Shutdown: Disable the port.
  ◦ Trap and Shutdown: Send an SNMP trap message and disable the
    port.
• Max MAC Count – The maximum number of MAC addresses that can
  be learned on a port. (Range: 0 - 1024, where 0 means disabled)
  The maximum address count is effective when port security is enabled
  or disabled.
• Current MAC Count – The number of MAC addresses currently
  associated with this interface.
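
The following audit of the parameters above is an added example, not part of the original manual or the switch's software. It assumes the table has been transcribed into records; the class and field names, the trunk_member field and the sample rows are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class PortRow:
    """One row of the port security table (fields mirror the parameters above)."""
    port: str
    security_enabled: bool      # Security Status
    port_status: str            # "Secure/Up", "Secure/Down" or "Shutdown"
    action: str                 # "None", "Trap", "Shutdown", "Trap and Shutdown"
    max_mac_count: int          # 0-1024, where 0 means disabled
    current_mac_count: int
    trunk_member: bool = False  # hypothetical field, taken from the trunk settings

def audit(row):
    """Return findings for one port, using only the rules stated on this page."""
    findings = []
    if not 0 <= row.max_mac_count <= 1024:
        findings.append("Max MAC Count outside documented range 0-1024")
    if row.port_status == "Shutdown":
        findings.append("shut down by a violation; needs manual re-enable")
    if not row.security_enabled:
        return findings  # remaining checks only apply to secure ports
    if row.max_mac_count == 0:
        findings.append("security enabled but Max MAC Count is 0 (disabled)")
    if row.action == "None":
        findings.append("Action is None: violations raise no trap and no shutdown")
    elif "Trap" not in row.action:
        findings.append("Action is Shutdown without Trap: no SNMP notification")
    if row.trunk_member:
        findings.append("secure port is a trunk member, which is not allowed")
    return findings

# Constructed sample rows, not taken from a real switch.
SAMPLE = [
    PortRow("1", True, "Secure/Up", "Trap and Shutdown", 2, 1),
    PortRow("2", True, "Secure/Up", "None", 0, 0),
    PortRow("3", True, "Shutdown", "Shutdown", 1, 1, trunk_member=True),
    PortRow("4", False, "Secure/Down", "None", 0, 0),
]

def audit_all(rows):
    """Map port identifier to its findings, omitting ports with none."""
    return {r.port: f for r in rows if (f := audit(r))}

if __name__ == "__main__":
    for port, findings in audit_all(SAMPLE).items():
        for finding in findings:
            print(f"port {port}: {finding}")
```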