TCP fragment attack ······························································································································ 390
Login DoS attack ···································································································································· 390
Login dictionary attack ··························································································································· 390
Blacklist feature ·············································································································································· 390
Enabling the login delay ································································································································· 401
Configuring MACsec ··················································································· 409
Overview ························································································································································ 409
Basic concepts ······································································································································· 409
MACsec services ··································································································································· 409
MACsec applications ······························································································································ 410
MACsec operating mechanism ·············································································································· 410
Protocols and standards ························································································································ 412
MACsec configuration task list ······················································································································· 413
Enabling MKA ················································································································································ 413
Enabling MACsec desire ································································································································ 413
Configuring a preshared key ·························································································································· 414
Configuring an MKA policy ····················································································································· 416
Applying an MKA policy ························································································································· 417
Network requirements ···························································································································· 418
Configuration procedure ························································································································· 418
Verifying the configuration ······················································································································ 419
Troubleshooting MACsec ······························································································································· 421
Configuring MFF ························································································· 422
Overview ························································································································································ 422
Basic concepts ······································································································································· 423
MFF operation modes ···························································································································· 423
MFF working mechanism ······················································································································· 424
Protocols and standards ························································································································ 424
Configuring MFF ············································································································································ 424
Enabling MFF ········································································································································· 424
Configuring a network port ····················································································································· 425
ix