SNR S2940-8G-v2 Switch Configuration Guide
Port Security
Chapter 11
Port Security
11.1 Introduction to Port Security
Port security is a MAC address-based security mechanism for network access controlling. It is
an extension to the existing 802.1x authentication and MAC authentication. It controls the ac-
cess of unauthorized devices to the network by checking the source MAC address of the received
frame and the access to unauthorized devices by checking the destination MAC address of the
sent frame. With port security, you can define various port security modes to make that a de-
vice learns only legal source MAC addresses, so as to implement corresponding network security
management. After port security is enabled, the device detects an illegal frame, it triggers the
corresponding port security feature and takes a pre-defined action automatically. This reduces
user's maintenance workload and greatly enhances system security.
11.2 Port Security Configuration Task List
1. Basic configuration for Port Security
Command Explanation
Port mode
switchport port-security Configure port-security of the interface.
no switchport port-security
switchport port-security mac-
address <mac-address> [vlan
<vlan-id>]
Configure the static security MAC of the interface.
no switchport port-security mac-
address <mac-address> [vlan
<vlan-id>]
switchport port-security maxi-
mum <value> [vlan <vlan-list>]
Configure the maximum number of the security MAC ad-
dress allowed by the interface.
no switchport port-security max-
imum <value> [vlan <vlan-list>]
83
To Next Page
Loading...
General