Port Security; Port Security Configuration - 3Com 4200G 12-Port Configuration Manual
4200g series switch
Hide thumbs
Also See for 4200G 12-Port:
- Configuration manual (730 pages) ,
- Getting started manual (104 pages) ,
- Quick reference manual (43 pages)
Table of Contents
Advertisement
17
Port Security
Configuration
Introduction to Port
Security
Port Security Modes
P
S
ORT
ECURITY
Port security is a security mechanism that controls network access. It is an expansion
to the current 802.1x and MAC address authentication. This scheme controls the
incoming/outgoing packets on port by checking the MAC addresses contained in
data frames, and provides multiple security and authentication modes; this greatly
improves the security and manageability of the system.
The port security scheme provides the following characteristics:
1 NTK: Need to know. By means of checking the destination MAC addresses in the
outbound packets of a given port, NTK can ensure that only authenticated devices
can receive the data packets, and thus prevent data from being intercepted.
2 Intrusion Protection: By means of checking the source MAC addresses in the inbound
packets of a given port, intrusion protection detects illegal packets and takes
necessary actions when necessary. These include disconnecting ports
temporarily/permanently, or filtering packets with the MAC addresses to ensure port
security.
3 Device Tracking: Refers to the feature that when certain types of data packets (due to
illegal intrusion, improper manner of logging on and off) are transmitted, the switch
will send Trap message to help the network administrators monitor and control such
actions.
4 Binding of MAC and IP addresses to ports: Binding the MAC addresses and IP
addresses of authorized users to designated ports of a switch, so that only authorized
users can access the ports and thereby enhances the system security.
Table 65 describes the available security modes in details:
Table 65 Description of the port security modes
Security
mode
Description
autolearn
the learned MAC addresses will be changed to Security
MAC addresses.
This security mode will automatically change to the
secure mode after the system has learned the maximum
number of Security MAC from this port, and new
Security MAC cannot be added.
The packets whose original MAC addresses are not the
current Security MAC addresses cannot pass the port.
secure
In this mode, the system is disabled from learning MAC
addresses from this port.
Only the packets whose original MAC addresses are the
configured static MAC addresses can pass the port.
userlogin
In this mode, port-based 802.1x authentication is
performed for connected users.
C
ONFIGURATION
Feature
In this mode, only
the NTK and
Intrusion Protection
features take effect.
In this mode, the
NTK and Intrusion
Protection features
do not take effect.
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
