Table of Contents
Advertisement
Security Information
Setting Inbound Security with Intruder Prevention
Setting Inbound Security with Intruder
Prevention
The picture below illustrates the use of inbound security using Intruder
Prevention. This type of data security allows only one authorized user per port
to access the network. The authorized user is identified by the authorized MAC
address of the end node attached to the port.
Intruder prevention includes an "auto port disable" data security feature and
a "send alarm" security violation notification feature. These features are
described on the next page.
In the above illustration, the authorized end user is represented by PC 101,
and the intruder is represented by PC 202 (Intruder). (For illustration
purposes, the numbers 101, and 202 are used to represent 12-digit hexadecimal
MAC addresses.) The HP hub compares the authorized MAC address, 101, to
the source address of the packet received from the Intruder, 202. The hub
detects the unauthorized MAC address and automatically disables the port,
and sends an alarm (a security violation trap notification) to the authorized
network management station.
F-4
Advertisement
Table of Contents
