Security Commands
This chapter provides a detailed explanation of the security commands available in SFTOS, presented
in the following sections:
•
•
•
•
•
•
Port Security Commands
This section contains the following commands:
•
•
•
•
•
•
•
•
•
This section describes commands you use to configure port security on the switch. Port security, which
is also known as port MAC locking, allows you to secure the network by locking allowable MAC
addresses on a given port. Packets with a matching source MAC address are forwarded normally, and
all other packets are discarded.
port-security
This command enables port locking at the system level (Global Config mode) or interface level
(Interface Config mode, Interface Port Channel Config, or Interface Range modes).
The oe version of this command disables port locking at the selected level.
Port Security Commands
Port-Based Network Access (IEEE 802.1X) Commands on page 187
RADIUS Commands on page 199
TACACS+ Commands on page 205
Secure Shell (SSH) Commands on page 209
Hypertext Transfer Protocol (HTTP) Commands on page 212
port-security on page 183
port-security mac-address on page 184
port-security mac-address move on page 184
port-security max-dynamic on page 185
port-security max-static on page 185
show port-security on page 186
show port-security dynamic on page 187
show port-security static on page 187
show port-security violation on page 187
Note:
To enable the SNMP trap specific to port security, see
violation on page
83.
11
snmp-server enable trap
Security Commands | 183