Port Security, MAC Lockdown, MAC Lockout, and IP Lockdown; Key Management System (KMS) - HP ProCurve Series 3400cl Release Notes


Enforcing Switch Security
Network Access Security
Access Control Types
client-based access control (up to 32 authenticated clients per port)
port-based access control (one authenticated client opens the port)
switch operation as a supplicant
* On the 5300xl switches, this feature is available with software release E.09.02 and greater.
Refer to the chapter titled "Configuring Port-Based and Client-Based Access Control" in the Access
Security Guide for your switch model.

Port Security, MAC Lockdown, MAC Lockout, and IP Lockdown

These features provide device-based access security in the following ways:
port security: Enables configuration of each switch port with a unique list of the MAC addresses of devices that are authorized to access the network through that port. This enables individual ports to detect, prevent, and log attempts by unauthorized devices to communicate through the switch. Some switch models also include eavesdrop prevention in the port security feature.

MAC lockdown: This "static addressing" feature is used as an alternative to port security to prevent station movement and MAC address "hijacking" by allowing a given MAC address to use only one assigned port on the switch. MAC lockdown also restricts the client device to a specific VLAN.

MAC lockout: This feature enables blocking of a specific MAC address so that the switch drops all traffic to or from the specified address.

IP lockdown: Available on Series 2600 and 2800 switches only, this feature enables restriction of incoming traffic on a port to a specific IP address/subnet, and denies all other traffic on that port.

Refer to the chapter titled "Configuring and Monitoring Port Security" in the Access Security Guide
for your switch model.

Key Management System (KMS)

KMS is available in several ProCurve switch models and is designed to configure and maintain key
chains for use with KMS-capable routing protocols that use time-dependent or time-independent
keys. (A key chain is a set of keys with a timing mechanism for activating and deactivating individual
[Table: availability by switch model (6200yl, 5400zl, 3500yl, 5300xl, 4200vl, 3400cl, 2800, 4100gl, 6400cl, 2600, 2600-pwr); cells are marked X, X*, or --.]
