Traffic/Security Filters and Monitors
Filter Types and Operation
You can enhance in-band security and improve control over access to network
resources by configuring static filters to forward (the default action) or drop
unwanted traffic. That is, you can configure a traffic filter to either forward
or drop all network traffic moving to outbound (destination) ports and trunks
(if any) on the switch.
Filter Limits
The switch accepts up to 101 static filters. These limitations apply:
■
Source-port filters: up to 78
■
Multicast filters: up to 16 with 1024 or fewer VLANs configured. Up to 8
with more than 1024 VLANs configured.
■
Protocol filters: up to 7
Using Port Trunks with Filters
The switch manages a port trunk as a single source or destination for source-
port filtering. If you configure a port for filtering before adding it to a port
trunk, the port retains the filter configuration, but suspends the filtering action
while a member of the trunk. If you want a trunk to perform filtering, first
configure the trunk, then configure the trunk for filtering. Refer to “Config
uring a Filter on a Port Trunk” on page 11-19.
Filter Types and Operation
Table 11-1. Filter Types and Criteria
Static Filter
Type
Selection Criteria
Source-Port Inbound traffic from a designated, physical source-port will be forwarded or
dropped on a per-port (destination) basis.
Multicast
Inbound traffic having a specified multicast MAC address will be forwarded to
outbound ports (the default) or dropped on a per-port (destination) basis.
Protocol
Inbound traffic having the selected frame (protocol) type will be forwarded or
dropped on a per-port (destination) basis.
11-3
Summary of Contents for PROCURVE 2910AL
Page 1: ...Access Security Guide ProCurve Switches W 14 03 2910al www procurve com ...
Page 2: ......
Page 3: ...HP ProCurve 2910al Switch February 2009 W 14 03 Access Security Guide ...
Page 84: ...Configuring Username and Password Security Front Panel Security 2 36 ...
Page 156: ...TACACS Authentication Operating Notes 4 30 ...
Page 288: ...Configuring Secure Socket Layer SSL Common Errors in SSL setup 8 22 ...
Page 416: ...Configuring Advanced Threat Protection Using the Instrumentation Monitor 10 28 ...
Page 572: ...Using Authorized IP Managers Operating Notes 14 14 ...
Page 592: ...12 Index ...
Page 593: ......