235
New feature: Port security
Configuring Port security
MAC move—This feature allows 802.1X or MAC authenticated users to move from a port to
another port on the device. The authentication session is deleted from the first port, and the
users are reauthenticated on the new port.
SNMP notifications for port security—This feature allows the port security module to
generate SNMP notifications to report important events.
MAC authentication delay—When both 802.1X authentication and MAC authentication are
enabled on a port, you can delay MAC authentication so that 802.1X authentication is
preferentially triggered. If no 802.1X authentication is triggered or 802.1X authentication fails
within the delay period, the port continues to process MAC authentication.
VLAN assignment—Both the 802.1X and MAC authentication features support VLAN
assignment for users.
ACL assignment—Both the 802.1X and MAC authentication features support ACL assignment
for users. You can specify an authorization ACL for a user to control the user's access to
network resources. After the user passes authentication, the authentication server (local or
remote) assigns the authorization ACL to the access port of the user. The ACL will filter traffic for
this user.
802.1X EAD assistant—This feature allows unauthenticated 802.1X users to access the free
IP. The feature also enables the device to redirect a user who is seeking to access the network
to a specific URL on the free IP. For example, you can use this feature to redirect the user to the
EAD client software download page.
802.1X SmartOn—This feature was developed to support the NEC 802.1X client. The device
performs SmartOn authentication before 802.1X authentication. If a user fails SmartOn
authentication, the device stops 802.1X authentication for the user.
Command reference
See HPE FlexNetwork MSR Configuration Guides(V7) and HPE FlexNetwork MSR Command
References(V7).