Network Security
Port Security
SPS208G/SPS224G4/SPS2024 Service Provider Switches User Guide 124
7
• Number of Violations
— Indicates the number of packets that arrived on the
interface in single-host mode, from a host whose MAC address is not the
supplicant MAC address.
Port Security
Network security can be increased by limiting access on a specific port only to
users with specific MAC addresses. The MAC addresses can be dynamically
learned or statically configured. Locked port security monitors both received and
learned packets that are received on specific ports. Access to the locked port is
limited to users with specific MAC addresses. These addresses are either
manually defined on the port, or learned on that port up to the point when it is
locked. When a packet is received on a locked port, and the packet source MAC
address is not tied to that port (either it was learned on a different port, or it is
unknown to the system), the protection mechanism is invoked, and can provide
various options. Unauthorized packets arriving at a locked port are either:
• Forwarded
• Discarded
• Cause the port to be shut down
Locked port security also enables storing a list of MAC addresses in the
configuration file. The MAC address list can be restored after the device has been
reset.
Disabled ports are activated from the
Port Management > Port Configuration
Screen
(click the Detail
button).
Port Security can be enabled only on ports in Multiple User or Multiple Session
modes (see
Port Authentication
).
To Next Page
Loading...
Need help?
General
