GarrettCom MNS-6K Manual De Usuario
M A G N U M 6 K S W I T C H E S , M N S - 6 K U S E R G U I D E
Port Security
The port security feature can be used to block computers from accessing the network by
requiring the port to validate the MAC address against a known list of MAC addresses.
This port security feature is provided on an Ethernet, Fast Ethernet, or Gigabit Ethernet
port. In case of a security violation, the port can be configured to go into the disable
mode or drop mode. The disable mode disables the port, not allowing any traffic to pass
through. The drop mode allows the port to remain enabled during a security violation and
drop only packets that are coming in from insecure hosts. This is useful when there are
other network devices connected to the Magnum 6K family of switches. If there is an
insecure access on the secondary device, the Magnum 6K family of switches allows the
authorized users to continue to access the network; the unauthorized packets are dropped
preventing access to the network.
requiring the port to validate the MAC address against a known list of MAC addresses.
This port security feature is provided on an Ethernet, Fast Ethernet, or Gigabit Ethernet
port. In case of a security violation, the port can be configured to go into the disable
mode or drop mode. The disable mode disables the port, not allowing any traffic to pass
through. The drop mode allows the port to remain enabled during a security violation and
drop only packets that are coming in from insecure hosts. This is useful when there are
other network devices connected to the Magnum 6K family of switches. If there is an
insecure access on the secondary device, the Magnum 6K family of switches allows the
authorized users to continue to access the network; the unauthorized packets are dropped
preventing access to the network.
Network security
Network security hinges on the ability to allow or deny access to
network resources. The access control aspect of secure network
services involves allowing or disallowing traffic based on information
contained in packets, such as the IP address, MAC address, or other content. Planning for
access is a key architecture and design consideration. For example, which ports are
configured for port security? Normally rooms with public access e.g. lobby, conference
rooms etc. should be configured with port security. Once that is decided, the next few
decisions are – who are the authorized and unauthorized users? What action should be
taken against authorized as well as unauthorized users? How are the users identified as
authorized or unauthorized?
j
Configuring Port Security
Login as a level 2 user or as a manager to configure port security. Once logged in, get to
the port-security configuration level to setup and configure port security.
Syntax configure port-security
Or
Syntax port-security
For example
the port-security configuration level to setup and configure port security.
Syntax configure port-security
Or
Syntax port-security
For example
Magnum6K25#
configure port-security
Magnum6K25(port-security)##
F
IGURE
44 – Port security configuration mode
Alternately, the following commands can also be used to enter the port-security
configuration mode:
configuration mode:
65