Default Port Security Operation. The default port security setting for each port is off, or \u201ccontinuous\u201d. That is, any device can access a port without causing a security reaction.<\/p>\n
Intruder Protection. A port that detects an \u201cintruder\u201d blocks the intruding device from transmitting to the network through that port.<\/p>\n
Eavesdrop Protection. Using either the port-security command or the switch\u2019s web browser interface to enable port security on a given port automatically enables eavesdrop prevention on that port.<\/p>\n
General Operation for Port Security. On a per-port basis, you can configure security measures to block unauthorized devices, and to send notice of security violations. Once port security is configured, you can then monitor the network for security violations through one or more of the following:<\/p>\n
Alert flags that are captured by network management tools such as<\/p>\n
ProCurve Manager (PCM and PCM+)<\/p>\n
Alert Log entries in the switch\u2019s web browser interface<\/p>\n
Event Log entries in the console interface<\/p>\n
Intrusion Log entries in the menu interface, CLI, or web browser interface<\/p>\n
For any port, you can configure the following:<\/strong><\/p>\n Action: Used when a port detects an intruder. Specifies whether to send an SNMP trap to a network management station and whether to disable the port. Address Limit: Sets the number of authorized MAC addresses allowed on the port.<\/p>\n Learn-Mode: Specify how the port acquires authorized addresses.<\/p>\n Continuous: Allows the port to learn addresses from inbound traffic from any connected device. This is the default setting.<\/p>\n Limited-Continuous: Sets a finite limit (1 -32) to the number of learned addresses allowed per port.<\/p>\n Configuring and Monitoring Port Security<\/p>\n Port Security<\/p>\n Static: Enables you to set a fixed limit on the number of MAC addresses authorized for the port and to specify some or all of the authorized addresses. (If you specify only some of the authorized<\/p>\n addresses, the port learns the remaining authorized addresses from the traffic it receives from connected devices.)<\/p>\n Configured: Requires that you specify all MAC addresses authorized for the port. The port is not allowed to learn addresses from inbound traffic.<\/p>\n Authorized (MAC) Addresses: Specify up to eight devices (MAC addresses) that are allowed to send inbound traffic through the port. This feature: Closes the port to inbound traffic from any unauthorized devices that are connected to the port. Provides the option for sending an SNMP trap notifying of an<\/p>\n attempted security violation to a network management station and, optionally, disables the port. (For more on configuring the switch for SNMP management, see \u201cTrap Receivers and Authentication Traps\u201d in the Management and Configuration Guide for your switch.)<\/p>\n Port Access: Allows only the MAC address of a device authenticated through the switch\u2019s 802.1X Port-Based access control.<\/p>\n The image depicts Configuring and Monitoring Port Security<\/p>\n Please Note:<\/strong> If you are looking for Rich Data Center Web Hosting, Cloud Services, Dedicated Hosting, Colocation or Software Services in India at Affordable Costs, Visit our website at WWW.ESDS.CO.IN<\/a><\/strong>.<\/p>\n","protected":false},"excerpt":{"rendered":" You can use the port security feature to restrict input to an interface by limiting and identifying MAC addresses of the workstations that are allowed to access the port. When you assign secure MAC addresses to a secure port, the port does not forward packets with source addresses outside the group of defined addresses. If… <\/p>\n![\"\"](\"https:\/\/www.esds.co.in\/blog\/wp-content\/uploads\/2010\/12\/monitoring-port-security.jpg\" "\\"monitoring-port-security\\"")
<\/p>\n