Chapter 1 Lanview Secure; Introduction; Technology - Cabletron Systems LANVIEWsecure User Manual

1.1 Introduction

LANVIEW
is Cabletron Systems strategy for hub-based security of Ethernet networks. Cabletron
SECURE
Systems technology provides security solutions across the entire Multi Media Access Center product line
including the HubSTACK, MicroMMAC, and MMAC-Plus. Cost effective implementations in 10BASE-T
twisted pair, 10BASE2 coaxial, and 10BASE-FL fiber optic media provide the network architect freedom of
choice when incorporating physical layer security into the network.
LANVIEW
is based on the concept of a secure repeater which protects data from being transmitted to, or
SECURE
received from, unauthorized users. The hub utilizes the Media Access Control (MAC) Address of attached
users to control the flow of data both outbound to the end user, and inbound from the end user.

1.2 Technology

The backbone of LANVIEW
assistance to the LANVIEW
immediately begins scrambling the data portion of the Ethernet packets repeated out to all ports, except the
port containing the actual destination MAC Address of the attached device. When a source MAC Address that
is not on the secure list for a port is detected, the management module sends a trap to the Simple Network
Management Protocol (SNMP) Network Management Station alerting the operator to the condition and/or
automatically disables the port, if so configured.
The RIC II has the intelligence to learn up to two (2) MAC Addresses per port, on the fly, allowing automatic
configuration of the secure network. Supporting two MAC Addresses per port provides support of networks
that utilize the DECnet protocol. DECnet environments support the factory assigned MAC Addresses on the
Ethernet adapter, as well as a locally administered MAC Address. The RIC II also supports a floating cache of
32 MAC Addresses that can be assigned to any port. The cache is configurable from the SNMP agent of the
device managing the chassis or hub to allow network administrators the ability to add or delete authorized user
network addresses. The total number of addresses that can be saved is platform specific. The technology can
also be applied to scramble broadcast and multicast address packets. For any limitations, refer to the Release
Notes of the LANVIEW
Security is activated by enabling Port Locking. You can lock and unlock ports at the repeater, board, and port
levels.
CHAPTER 1
LANVIEW
is the Repeater Interface Controller II (RIC II) Chip. It provides hardware
SECURE
Hub Security Architecture. With the security feature enabled, the RIC II
SECURE
products you are using.
SECURE
SECURE
1-1