EasyManua.ls Logo

Enterasys D-Series - Configuring MAC Locking

Enterasys D-Series
540 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Configuring MAC Locking
Enterasys D-Series CLI Reference 17-51
Configuring MAC Locking
Thisî ±featureî ±locksî ±aî ±MACî ±addressî ±toî ±oneî ±orî ±moreî ±ports,î ±preventingî ±connectionî ±ofî ±unauthorizedî ±
devicesî ±throughî ±theî ±port(s).î ±Whenî ±sourceî ±MACî ±addressesî ±areî ±receivedî ±onî ±specifiedî ±ports,î ±theî ±
switchî ±discardsî ±allî ±subsequentî ±frames î ±notî ±containingî ±theî ±configuredî ±sourceî ±addresses.î ±Theî ±onlyî ±
framesforwardedona“locked”portarethosewith
the“locked”MACaddress(es)forthatport.
Thereî ±areî ±twoî ±methodsî ±ofî ±lockingî ±aî ±MACî ±toî ±aî ±port:î ±firstî ±arrivalî ±andî ±static.î ±Theî ±firstî ±arrivalî ±methodî ±
isî ±definedî ±toî ±beî ±lockingî ±theî ±firstî ±nî ±numberî ±ofî ±MACsî ±whichî ±arriveî ±onî ±aî ±portî ±configuredî ±withî ±MACî ±
lockingî ±enabled.î ±Theî ±valueî ±nî ±is
î ±configuredî ±withî ±theî ±setî ±maclockî ±firstarrivalî ±command.î ±
ThestaticmethodisdefinedtobestaticallyprovisioningaMAC‐portlockusingthesetmaclock
command.î ±Theî ±maximumî ±numberî ±ofî ±staticî ±MACî ±addressesî ±allowedî ±forî ±MACî ±lockingî ±onî ±aî ±portî ±
canî ±beî ±configuredî ±withî ±theî ±setî ±maclockî ±staticî ±command.
Youî ±canî ±configure
î ±theî ±switchî ±toî ±issueî ±aî ±violationî ±trapî ±ifî ±aî ±packetî ±arrivesî ±withî ±aî ±sourceî ±MACî ±
addressî ±differentî ±fromî ±anyî ±ofî ±theî ±currentlyî ±lockedî ±MACî ±addressesî ±forî ±thatî ±port.
MACsî ±areî ±unlockedî ±asî ±aî ±resultî ±of:
‱Aî ±linkî ±downî ±event
‱Whenî ±MACî ±lock ing î ±isî ±disabledî ±onî ±aî ±port
‱Whenî ±aî ±MACî ±isî ±agedî ±
outî ±ofî ±theî ±forwardingî ±databaseî ±whenî ±FirstArrivalî ±agingî ±isî ±enabled
Whenî ±properlyî ±configured,î ±MACî ±lockingî ±isî ±anî ±excellentî ±securityî ±toolî ±asî ±itî ±preventsî ±MACî ±spoofingî ±
onî ±configuredî ±ports.î ±Alsoî ±ifî ±aî ±MACî ±wereî ±toî ±beî ±securedî ±byî ±somethingî ±likeî ±Dragonî ±Dynamicî ±
Intrusionî ±Detection,î ±MACî ±lockingî ±wouldî ±makeî ±itî ±moreî ±difficultî ±forî ±
aî ±hackerî ±toî ±sendî ±packetsî ±intoî ±
theî ±networkî ±becauseî ±theî ±hackerî ±wouldî ±haveî ±toî ±changeî ±theirî ±MACî ±addressî ±andî ±moveî ±toî ±anotherî ±
port.î ±Inî ±theî ±meantimeî ±theî ±systemî ±administratorî ±wouldî ±beî ±receivingî ±aî ±maclockî ±trapî ±notification.
Purpose
Toî ±review,î ±disable,î ±enable,î ±andî ±configureî ±MACî ±locking.î ±
Commands
For information about... Refer to page...
show maclock 17-52
show maclock stations 17-53
set maclock enable 17-54
set maclock disable 17-55
set maclock 17-55
clear maclock 17-56
set maclock static 17-57
clear maclock static 17-57
set maclock firstarrival 17-58
clear maclock firstarrival 17-59
set maclock agefirstarrival 17-59
clear maclock agefirstarrival 17-60

Table of Contents

Related product manuals