3Com 5112M-TPLS installation and operation guide Showing Security Intruder List

Page 76

A double asterisk (**) marks entries that have exceeded the EMM capacity of 360 MAC addresses, or the TRMM capacity of 400 MAC addresses. Entries that exceed the 360 or 400 MAC address maximum (that is, entry 361 and greater or entry 401 or greater) are not downloaded.

If your concentrator is near full capacity, or if you have ports connected to bridges, you may wish to perform two or more Autolearn Captures, which may prevent these ports from exceeding the 360 MAC address limit.

For example, to perform two Autolearn Captures:

1.Initiate an Autolearn Capture specifying only some of the modules and ports.

2.Download this information to the Security Module.

3.Initiate the second Autolearn Capture specifying the remaining modules and ports.

4.Download this information to the Security Module.

Showing Security Intruder List

The SHOW SECURITY INTRUDER_LIST command is only available with Advanced EMM Version 4.0. The Security Intruder list contains information regarding the 10 most recent intrusion attempts for a network. This information includes:

❑The MAC address of the intruding station (MAC addresses are available for all Ethernet modules with the exception of the Security Module)

❑The time that has elapsed since the intrusion attempt occurred (in days, hours, minutes, and seconds)

❑A notification if the port was automatically disabled

The oldest entry in the Intruder list is removed when the list is full (10 entries) and a new intrusion attempt occurs.

4 - 18 ONline 10BASE-T Security Module Installation and Operation Guide

Image 76

Contents Page VDE Class B Compliance Restricted Rights Page Contents Installing and Operating the Module Troubleshooting Appendix B Technical Support Figures Page Tables Page How to Use This Guide AudienceStructure of This Guide Convention Indicates Example Document ConventionsUsr/snm/agents Related Documents 3Com Documents Reference DocumentsPage Introduction ONline 10BASE-T Security ModuleTheory of Operation ApplicationONline Management ONline 10BASE-T Security Module ApplicationPage Designing and Expanding the Network Understanding the General Rules Basic Network RulesSeven Basic Network Rules Rule Definition Recommendations/NotesCertain LAN devices Seven Basic Network Rules LAN Product Equivalent Distances LAN EquivalenceLAN Product Equivalent Fiber Fiber Backbone, Twisted Pair To-The-Desk Fiber Backbone, Twisted Pair To-The-Desk Example Sample Configuration Distance Calculation Maximum Link Distance on Twisted Pair Twisted Pair Backbone, Twisted Pair To-The-DeskCable Gauge Supports Link Distances Up To Patch Panels Unshielded Twisted Pair NetworkRedundant Twisted Pair Configuration Redundant LinksDesigning and Expanding the Network 2 Page Installing and Operating the Module Precautionary Procedures Quick Installation ChartProcedures for Completing Installation Step Procedure ReferenceInstalling the Module Unpacking Procedures Setting the Dip Switch Security Module Dip Switch SW1 LocationDIP Switch SW1 Network Selection Settings Switch Network Selection Switch SettingsSwitch Function Factory Setting DIP Switch SW1 Security and Link Integrity SettingsOff On Installing the Module Installing the Cable Tie-Wrap KitAttaching the Tie-Wrap Bracket to the Module Attaching Cables With 90 Connectors Installing the Module Installing an ONline 10BASE-T Security ModuleONline 10BASE-T Security Module Cable Connection Configuring the Module Network Assignment Port EnablePort Redundancy Link Integrity Module SecurityReverting Module Configurations Saving Module ConfigurationsAutopartition Threshold Showing Module Configurations Show Module Show Module Verbose Show Port Show Port VerboseMonitoring the Front Panel Security Module Faceplate Interpretation of the Security Module LEDs Color State Indicates NameLED and Network Verification LED State Network ConfigurationNetwork Check Codes Page Configuring Security Features Quick Reference for Configuring the Security Module Quick Reference for Configuring SecurityProcedure Command SET Security Autolearn Configuring Security Features Eavesdropping SecurityIntrusion Detection Example of Eavesdropping SecurityDefining Port Security Type Example of Intrusion DetectionDefining Port Action on Intrusion Configuring Autolearning Mask Enabling PortsConfiguring Autolearning Autolearn capture done learned 0 addresses total Defining a MAC Address Manually Downloading the Autolearning Database Configuring Security Mode Saving Security Configurations Showing Security ConfigurationsReverting Security Configurations Showing Port Configurations Eavesdrop None ETHERNET1 Showing Security Autolearn Showing Security Intruder List Clearing Security Configurations Clearing the MAC Address TableClearing the Autolearning Database Clearing the Security Intruder ListUsing 3Com MIB Security Variables EMM Security Snmp VariablesUsing the Security Module Snmp Variables Configuring Security Features 4 Page Troubleshooting TroubleshootingTroubleshooting Using the Status LEDs Troubleshooting Using the Port Status LEDsTroubleshooting Using the Port Status LEDs Troubleshooting Using the Activity LEDs Troubleshooting Using the Activity LEDsLED State Possible Problem Troubleshooting Solutions Technical Assistance Page Specifications Electrical SpecificationsMechanical Specifications Environmental SpecificationsGeneral Specifications Pin Connector and Cable Figure A-1 -Pin Cable Male and Female Connectors Table A-1 -Pin Cable Pinouts and Port Assignments Hub Trans CeiverPort # Function PolarityTwisted Pair Connectors and Cables Hub TransHub Port #Twisted Pair Connectors Figure A-2. RJ-45 Connector PinoutsTwisted Pair Cables Technical Support On-line Technical SupportEmail Technical Support Support from Your Network SupplierWorld Wide Web Site Support from 3Com Accessing the 3Com MIB Returning Products for Repair3Com Technical Publications Page Index Activity LEDs, 3-18,3-20 Quick Reference Chart Security Type Default Setting Index