Cisco Systems SLM224G4PS, SLM248G4PS manual Security Management Access List, Security Storm Control

Page 38

Chapter 5

Configuration Using the Web-based Utility

Max Entries  Specifies the number of MAC addresses that can be learned on the port. This field is enabled only if Learning Mode is set to Limited Dynamic Lock. The default value is 1.

Action on Violation  Indicates the action to be applied to packets arriving on a locked port. The possible values are:

Discard  Discards packets from any unlearned source. This is the default value.

Forward  Forwards packets from an unknown source without learning the MAC address.

Discard Disable  Discards packets from any unlearned source and shuts down the port. The port remains shut down until reactivated, or until the device is reset.

Enable Trap  Enables traps when a packet is received on a locked port.

Trap Frequency  The amount of time (in seconds) between traps. The default value is 10 seconds.

Update  If you click this button, your changes are saved and appear immediately in the table at the bottom of the Port Security screen.

The lower portion of the Port Security screen displays a summary of the settings in the upper portion of the screen. The settings are displayed for each of the ports on the Switch.

Click Save Settings to apply the changes, or Cancel Changes to cancel the changes.

Security > Management Access List

Use the Management Access List screen to specify IP addresses that are to be allowed to manage the device, using an IP address and wildcard mask.

Security > Management Access List

The Management Access List screen contains two sections, Web IP Filtering and SNMP IP Filtering. These sections are identical except for the types of IP addresses that they relate to.

IP Address  Enter the web IP address or SNMP IP address to be allowed.

Wildcard Mask  Enter the wildcard mask for the web IP address or SNMP IP address. Wildcard masks specify which bits are used and which bits are ignored. A wild card mask of 255.255.255.255 indicates that no bit is important. A wildcard of 0.0.0.0 indicates that all the bits are important. For example, if the source IP address is 149.36.184.198 and the wildcard mask is 255.36.184.00, the first eight bits of the IP address are ignored, while the last eight bits are used.

Add to List  Click this button to save the IP address and Wildcard Mask. The information will appear in the list at the bottom of the screen.

The bottom portions of both the Web IP Filtering and SNMP IP Filtering sections displays the current IP access list, where each entry consists of an IP Address and Wildcard Mask. To delete an entry from the list, select it and click Delete.

Click Save Settings to apply the changes, or Cancel Changes to cancel the changes.

Security > Storm Control

The Storm Control screen is used to configure broadcast and multicast storm control.

Security > Storm Control

Storm Control enables limiting the amount of Multicast and Broadcast frames accepted and forwarded by the Switch. A Broadcast Storm results when an excessive amount of broadcast messages is simultaneously transmitted across a network by a single port. Forwarded message responses are heaped onto the network, straining network resources or causing the network to time out.

To enable Storm Control on a port, you specify the packet type (broadcast/multicast) and maximum transmission rate. The system measures the incoming Broadcast and Multicast frame rates separately on each port and discards frames when the rate exceeds the specified maximum.

Interface  Select the unit number and port from which storm control is enabled.

24/48-Port 10/100 + 4-Port Gigabit Smart Switch with Resilient Clustering Technology and PoE

32

Image 38
Contents Port or 48-Port 10/100 + Icon Descriptions About This GuideAbout This Guide Online ResourcesTable of Contents Snmp Snmp Global Parameters Snmp Views Snmp Group ProfileAppendix B About Switch Stacking Gigabit Ethernet Fiber Optic CablingAppendix C Glossary Appendix D Specifications Appendix G Contact InformationChapter IntroductionProduct Overview Switch LEDs and ports are located on the front panelChapter Product Overview Front PanelBack Panel Power The Power port is where you connect the AC powerSwitch’s LEDs and ports are located on the front panel Product Overview Pre-Installation Considerations Chapter InstallationInstallation Placement OptionsRack-Mount Placement Hardware InstallationDesktop Placement To set up a stack with six switches, follow these steps Uplinking the SwitchConfiguring Stack Mode Connect port G1 on Unit 3 to port G2 on Unit Power off the new unit 5 the former master unitConnect port G1 on Unit 2 to port G2 on Unit Login screen appears. Proceed to the Login section below Chapter Configuration Using Console InterfaceUsing telnet Switch Main Menu How to Use the Console InterfaceLogin System Configuration MenuManagement Settings System InformationIP Configuration User & Password SettingsSecurity Settings Http Stack Configuration Restore System Default SettingsReboot System File ManagementPort Configuration Port Status MenuHelp System ModePoE Settings LogoutSetup Summary Chapter Configuration Using Web-based UtilitySetup Device InformationOrange The administrator has closed down this port Setup ZoomSetup Network Settings Clicking on a port displays the Port Configuration screenLocal Time Setup TimeSet Time Daylight SavingPort Management Setup Stack ManagementPort Management Port Settings Sntp ServersPort Management Port Settings Port Configuration LAG Configuration Port Management Link AggregationPort Management PoE Power Settings Port Management LacpVlan Management Create Vlan Vlan Management Port SettingVlan Management Vlan TableJoin Vlan to Port Vlan Management Port to VlanVlan Management Vlan to Port Statistics Rmon History StatisticsStatistics Rmon Statistics Rmon History Table Rmon HistoryLog Table Alarm Table Statistics Rmon AlarmsAdd Alarm Statistics Interface Statistics Statistics Rmon EventsStatistics Port Utilization Ethernet-like Security 802.1x SettingsSecurity ParametersSetting Timer Security Port SecuritySecurity Management Access List Security Storm ControlBroadcast Only Counts only Broadcast traffic QoSSecurity Radius CoS Settings QoS CoS SettingsQoS Queue Settings CoS DefaultQoS Bandwidth QoS Dscp SettingsQoS Basic Mode Spanning Tree STP Status Global SettingSpanning Tree Spanning Tree Global STPSpeed Displays the speed at which the port is operating Spanning Tree STP Port SettingsBridge Settings Multicast Igmp Snooping Vlan Igmp SettingsMulticast Multicast Bridge MulticastMulticast Bridge Multicast Forward All Snmp Global ParametersSnmp Views Snmp Group ProfileUser Name Provides a user-defined local user list Snmp Group MembershipSnmp Communities Base Table Snmp Notification FilterSnmp Notification Recipient Advanced TableUser Authentication AdminAdmin User Authentication Local User EditSecure The entry is defined for locked ports Admin Static AddressAdmin Dynamic Address Query Admin Port MirroringAdmin Cable Test Clear Table If selected, this clears the MAC Address tableAdmin Save Configuration Admin Factory Default Admin Firmware UpgradeAdmin Reboot Admin Memory Logs Admin LoggingAdmin Server Logs Admin Flash Logs LogoutGigabit Ethernet Appendix aAppendix a About Gigabit Ethernet Fiber Optic Cabling Fiber Optic CablingAppendix B Appendix B About Switch StackingAbout Switch Stacking Stack Building Quick StartUnit IDs Advanced StackingStack Resiliency Unit ID AllocationMaster Election Stack Units Startup ProcessMaster Discovery Stacking Examples Unit and Port ConfigurationUser Controls Replacing a Failed Stack Member in a Running StackStack Master Failure and Replacement Subgroup Contains Both Master Unit and Backup Master Unit Splitting a StackMerging Two Stacks Both Stacks Kept Running During InsertionStacking Cable Failure Inserting Too Many UnitsGlossary Appendix CAppendix C Glossary Glossary Packet a unit of data sent over a network Mail protocol on the InternetAppendix C Appendix D Appendix D SpecificationsSpecifications Dimensions Class of Service Port-based 802.1p Vlan priority-basedPower in compliance with Ieee Management VlanAppendix E Warranty InformationObtaining Warranty Service Exclusions and LimitationsWarranty Information Technical SupportAppendix F Regulatory InformationRegulatory Information Appendix F Norsk Norwegian Miljøinformasjon for kunder i EU Appendix F Appendix G Contact Information