802.1X Authentication - Cisco 350 Series Administration Manual

Security

802.1X Authentication

STEP 4
802.1X Authentication
IP Source Guard
Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4
• Trap—Select to enable traps when a packet is received on a locked port. This is relevant
for lock violations. For Classic Lock, this is any new address received. For Limited
Dynamic Lock, this is any new address that exceeds the number of allowed addresses.
• Trap Frequency—Enter minimum time (in seconds) that elapses between traps.
Click Apply. Port security is modified, and the Running Configuration file is updated.
See the Security: 802.1X Authentication
IP Source Guard is a security feature that can be used to prevent traffic attacks caused when a
host tries to use the IP address of its neighbor.
When IP Source Guard is enabled, the device only transmits client IP traffic to IP addresses
contained in the DHCP Snooping Binding database. This includes both addresses added by
DHCP Snooping and manually-added entries.
If the packet matches an entry in the database, the device forwards it. If not, it is dropped.
This section describes the IP Source Guard feature. It covers the following topics:
• Interactions with Other Features
• Filtering
• IP Source Guard Work Flow
• Properties
• Interface Settings
• Binding Database
chapter for information about 802.1X authentication.
17
355