Configuring and Monitoring Port Security
Port Security
Port Security
Basic Operation
Default Port Security Operation.
The default port security setting for
each port is off, or “continuous”. That is, any device can access a port without
causing a security reaction.
Intruder Protection.
A port that detects an “intruder” blocks the intruding
device from transmitting to the network through that port.
Eavesdrop Protection.
Using either the port-security command or the
switch’s web browser interface to enable port security on a given port auto
matically enables eavesdrop prevention on that port.
General Operation for Port Security.
On a per-port basis, you can
configure security measures to block unauthorized devices, and to send notice
of security violations. Once you have configured port security, you can then
monitor the network for security violations through one or more of the
following:
■
Alert flags that are captured by network management tools such as
ProCurve Manager (PCM and PCM+)
■
Alert Log entries in the switch’s web browser interface
■
Event Log entries in the console interface
■
Intrusion Log entries in either the menu interface, CLI, or web browser
interface
For any port, you can configure the following:
■
Action:
Used when a port detects an intruder. Specifies whether to send
an SNMP trap to a network management station and whether to disable
the port.
■
Address Limit:
Sets the number of authorized MAC addresses allowed
on the port.
■
Learn-Mode:
Specify how the port acquires authorized addresses.
•
Continuous:
Allows the port to learn addresses from inbound traffic
from any connected device. This is the default setting.
•
Limited-Continuous:
Sets a finite limit (1 - 32) to the number of
learned addresses allowed per port.
11-4
Summary of Contents for J8697A
Page 1: ...6200yl Access Security Guide 5400zl 3500yl ProCurve Switches K 11 XX www procurve com ...
Page 2: ......
Page 22: ...Product Documentation Feature Index xx ...
Page 55: ...Configuring Username and Password Security Front Panel Security 2 21 ...
Page 56: ...Configuring Username and Password Security Front Panel Security 2 22 ...
Page 58: ...Virus Throttling Contents Operating Notes 3 30 Connection Rate Log and Trap Messages 3 31 3 2 ...
Page 88: ...Virus Throttling Connection Rate Log and Trap Messages This page is intentionally unused 3 32 ...
Page 118: ...Web and MAC Authentication Client Status This page intentionally unused 4 30 ...
Page 356: ...Configuring and Monitoring Port Security Operating Notes for Port Security 11 44 ...
Page 370: ...Using Authorized IP Managers Operating Notes This page is intentionally unused 12 14 ...
Page 388: ...10 Index ...
Page 389: ......