SSL security mechanism ······································································································································ 138
SSL protocol stack ··············································································································································· 138
SSL configuration task list ············································································································································ 139
Configuring an SSL server policy ······························································································································· 139
Configuring an SSL client policy ································································································································ 140
Displaying and maintaining SSL ································································································································· 141
Configuring IP source guard ·································································································································· 142
Overview ······································································································································································· 142
Enabling ARP blackhole routing ························································································································ 154
Configuration example ······································································································································· 154
Configuration guidelines ···································································································································· 156
Configuration procedure ···································································································································· 156
Configuration procedure ···································································································································· 157
Configuration example ······································································································································· 158
Configuring ARP detection ·········································································································································· 159
Configuring user validity check ························································································································· 160
Configuration guidelines ···································································································································· 163
Configuration procedure ···································································································································· 164
Configuration guidelines ···································································································································· 164
Configuration procedure ···································································································································· 164
Configuration example ······································································································································· 165
Configuring ARP filtering ············································································································································· 165
iv