MAC Lockout (page 9-26): Causes the switch to drop traffic carrying a
■
specific MAC address as either a source or destination.
■
Authorized IP Managers (page 10-1): Allows access to the switch by a
networked device having an IP address previously configured in the
switch as "authorized".
Key Management System (page 11-1): Centralizes the mechanisms used
■
to configure and maintain security information for all routing protocols.
HP recommends that you use local passwords together with the switch's other
security features to provide a more comprehensive security fabric than if you
use only local passwords.
General Switch Traffic Security
Guideline
Where the switch is running multiple security options, it implements network
traffic security based on the OSI (Open Systems Interconnection model)
precedence of the individual options, from the lowest to the highest. The
following list shows the order in which the switch implements configured
security features on traffic moving through a given port.
1.
Disabled/Enabled physical port
2.
MAC lockout (Applies to all ports on the switch.)
3.
MAC lockdown
4.
Port security
5.
Authorized IP Managers
6. Application features at higher levels in the OSI model, such as SSH.
(The above list does not address the mutually exclusive relationship that
exists among some security features.)
General Switch Traffic Security Guideline
Getting Started
1-3