3Com 4210 PWR Configuration Manual page 125

Table 77 Description of port security modes
Security mode
userLoginSecure
userLoginSecureExt
userLoginWithOUI
macAddressWithRadius In this mode, MAC address-based
macAddressOrUserLogi
nSecure
macAddressOrUserLogi
nSecureExt
Description
MAC-based 802.1x
authentication is performed on
the access user. The port is
enabled only after the
authentication succeeds. When
the port is enabled, only the
packets of the successfully
authenticated user can pass
through the port.
In this mode, only one
802.1x-authenticated user is
allowed to access the port.
When the port changes from the
noRestriction mode to this
security mode, the system
automatically removes the
existing dynamic MAC address
entries and authenticated MAC
address entries on the port.
This mode is similar to the
userLoginSecure mode, except
that there can be more than one
802.1x-authenticated user on the
port.
This mode is similar to the
userLoginSecure mode, except
that, besides the packets of the
single 802.1x-authenticated user,
the packets whose source MAC
addresses have a particular OUI
are also allowed to pass through
the port.
When the port changes from the
normal mode to this security
mode, the system automatically
removes the existing
dynamic/authenticated MAC
address entries on the port.
authentication is performed for
access users.
IIn this mode, a port performs
MAC authentication or 802.1x
authentication of an access user.
If either authentication succeeds,
the user is authenticated.
In this mode, there can be only
one authenticated user on the
port.
This mode is similar to the
macAddressOrUserLoginSecur
e mode, except that there can be
more than one authenticated user
on the port.
Port Security Overview 123
Feature
In any of these modes, the
device triggers the NTK and
Intrusion Protection features
upon detecting an illegal
packet or illegal event.