Chapter 12 | Security Measures
Configuring Port Security
– 322 –
◆ When the port security state is changed from enabled to disabled, all
dynamically learned entries are cleared from the address table.
◆ If port security is enabled, and the maximum number of allowed addresses is
set to a non-zero value, any device not in the address table that attempts to use
the port will be prevented from accessing the switch.
◆ If a port is disabled (shut down) due to a security violation, it must be manually
re-enabled from the Interface > Port > General page (page 95).
◆ A secure port has the following restrictions:
  – It cannot be used as a member of a static or dynamic trunk.
  – It should not be connected to a network interconnection device.
Parameters
These parameters are displayed:
◆ Port – Port identifier.
◆ Security Status – Enables or disables port security on a port.
(Default: Disabled)
◆ Port Status – The operational status:
  – Secure/Down – Port security is disabled.
  – Secure/Up – Port security is enabled.
  – Shutdown – Port is shut down in response to a port security violation.
◆ Action – Indicates the action to be taken when a port security violation is
detected:
  – None: No action should be taken. (This is the default.)
  – Trap: Send an SNMP trap message.
  – Shutdown: Disable the port.
  – Trap and Shutdown: Send an SNMP trap message and disable the port.
◆ Max MAC Count – The maximum number of MAC addresses that can be
learned on a port. (Range: 0 - 256, where 0 means disabled)
The maximum address count is effective when port security is enabled or
disabled.
◆ Current MAC Count – The number of MAC addresses currently associated with
this interface.
◆ MAC Filter – Shows if MAC address filtering has been set under Security >
Network Access (Configure MAC Filter) as described on page 276.
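
The parameters above can be reviewed in bulk with a short audit script. This is an added example, not part of the manual: it assumes a hypothetical CSV export whose column names match the displayed parameters, and the sample rows are constructed.

```python
import csv
import io

# Constructed sample: a hypothetical CSV export using this page's parameter names.
SAMPLE = """Port,Security Status,Port Status,Action,Max MAC Count,Current MAC Count
1,Enabled,Secure/Up,Trap and Shutdown,2,1
2,Enabled,Secure/Up,None,2,2
3,Enabled,Secure/Up,Trap,0,0
4,Enabled,Shutdown,Shutdown,1,1
5,Disabled,Secure/Down,None,0,3
"""

def audit_port_security(text):
    """Return {port: [findings]} for rows an administrator should review."""
    findings = {}
    for row in csv.DictReader(io.StringIO(text)):
        port = int(row["Port"])
        notes = []
        enabled = row["Security Status"].strip().lower() == "enabled"
        action = row["Action"].strip().lower()
        max_macs = int(row["Max MAC Count"])
        if not 0 <= max_macs <= 256:
            notes.append("Max MAC Count outside documented range 0-256")
        if row["Port Status"].strip().lower() == "shutdown":
            # A port shut down by a violation stays down until re-enabled by hand.
            notes.append("shut down by a violation; needs manual re-enable")
        if not enabled:
            notes.append("port security disabled")
        else:
            if max_macs == 0:
                notes.append("security enabled but Max MAC Count is 0 (disabled)")
            if action == "none":
                notes.append("violation action is None (default): no trap, no shutdown")
            elif action == "shutdown":
                notes.append("shutdown without trap: violation is not reported via SNMP")
        if notes:
            findings[port] = notes
    return findings

if __name__ == "__main__":
    for port, notes in sorted(audit_port_security(SAMPLE).items()):
        for note in notes:
            print(f"port {port}: {note}")
```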