486
|
Chapter 6. Managing Device Security
ProSafe® Gigabit L3 Managed Stackable Switches Software Administration Manual
Port Security Interface Configuration
A MAC address can be defined as allowable by one of two methods: dynamically or statically.
Both methods are used concurrently when a port is locked.
Dynamic locking implements a first arrival mechanism for Port Security. You specify how
many addresses can be learned on the locked port. If the limit has not been reached, then a
packet with an unknown source MAC address is learned and forwarded normally. When the
limit is reached, no more addresses are learned on the port. Any packets with source MAC
addresses that were not already learned are discarded. You can effectively disable dynamic
locking by setting the number of allowable dynamic entries to zero.
Static locking allows you to specify a list of MAC addresses that are allowed on a port. The
behavior of packets is the same as for dynamic locking: only packets with an allowable
source MAC address can be forwarded.
To display the Port Security Interface Configuration page, click
Security
Traffic Control>
Port Security
Interface Configuration.