Table of Contents
Advertisement
Security and port LEDs flash, the intruder's MAC address is displayed on
the console Status command screen, and an alarm is sent to the authorized
network management station(s).
Use the First Address Heard—provides medium port security. The
hub learns the address of the first device attached to the port and makes
it the authorized MAC address. If you have any security configured for the
port (Send Alarm and/or Eavesdrop Prevention parameters are set to
YES), when a different device is later attached to the port, the new address
is registered as an "intruder address"; a security violation has occurred.
In that case, the port is automatically disabled, and the Security and
affected port LEDs flash. An alarm is also sent to the authorized network
management station(s) if the Send Alarm parameter is set to YES.
Assign an Address—provides the highest security. You enter the
address of the device that is authorized to be attached to the port. If you
have any security configured for the port (Send Alarm and/or Eavesdrop
Prevention parameters are set to YES), when a different device is later
attached to the port, the new address is registered as an "intruder
address"; a security violation has occurred. In that case, the port is
automatically disabled, and the Security and affected port LEDs flash. An
alarm is also sent to the authorized network management station(s) if the
Send Alarm parameter is set to YES.
Port Security Off—disables port security. This is a convenient way to
remove the port security. It automatically sets the Send Alarm and Eaves-
drop Prevention parameters to OFF (and therefore, the Disable Port
parameter will also be OFF).
Send Alarm when intruder detected. Configures the hub to send an
alarm (SNMP trap) to a network management station whenever an
unauthorized address (an intruder) is detected on the port. Note that for the
alarm to actually be sent, you must have first used the Managers command
to configure one or more network managers to receive alarms. See the
Managers command description earlier in this chapter.
Eavesdrop prevention. Configures the hub to prevent the port from
hearing data that is intended for another port. Only the data packets that have
a destination address that matches the port's authorized address are sent to
the port. If Eavesdrop Prevention is not enabled on all ports, the hub functions
like a repeater and every packet seen by the hub is forwarded to the non-
Eavesdrop Prevention ports. See Appendix F, "Security Information," for a
detailed description of this feature.
Managing the Hub
Console Command Reference
3-15
Advertisement
Table of Contents
