ZyXEL Communications ES-2048, ES-2024PWR Switching security MAC freeze, Enable MAC Freeze Example

Page 60

ES-2000 Series Switch Support Notes

Switching security

MAC freeze

As an added protection against network intrusion attacks, ZyXEL has implemented the MAC Freeze feature on all ZyXEL Management Switches with firmware version 3.6 or above. Security has been the focus of our Ethernet switch design.

With the MAC freeze feature enabled, dynamic MAC addresses on specified ports are stored in the static MAC address table. At the same time, MAC address learning is disabled on these ports thus denying network access for computers within unknown MAC addresses.

Without the MAC freeze function, any computer can access the network through a switch port. The port automatically learns the computer’s MAC address and stores that to the MAC address table.

Activate the MAC freeze function on a port by entering the port-security [port number] MAC-freezecommand in the CLI.

The following figure shows an example where the MAC freeze feature is enabled on port 6. The switch automatically copies all dynamically learnt MAC address on port 6 to the static MAC address.

Figure 1: Enable MAC Freeze Example

60

All contents copyright (c) 2006 ZyXEL Communications Corporation.

Image 60

Contents Ethernet Switch ZyXEL ES-2000 SeriesConnecting two switches via Fiber Channel Dhcp option 82 Relay Agent Information OptionIgmp Snooping MAC freezeHow to manage & maintain your Switch? Firmware Upgrade From Web GUIFrom Command Line FTP From Console PortES-2000 Series Switch Support Notes Restore a Configuration File From Command Line FTP Backing Up a Configuration File ES-2000 Series Switch Support Notes Load Factory Defaults Scenario Steps to complete this scenario ES-2000 Series Switch Support Notes ES-2000 Series Switch Support Notes ES-2000 Series Switch Support Notes ES-2000 Series Switch Support Notes General Networking Dhcp Relay Option 82 Application NetworkServer 192.168.1.99 Dhcp ClientHow to set up Dhcp Relay Option 82 Environment Switch GS-3012 settingsIP Commander settings Server ES-2000 Series Switch Support Notes Wizard Give a name and description to the new rule ES-2000 Series Switch Support Notes ES-2000 Series Switch Support Notes ES-2000 Series Switch Support Notes ES-2000 Series Switch Support Notes ES-2000 Series Switch Support Notes ES-2000 Series Switch Support Notes ES-2000 Series Switch Support Notes Port-based Vlan Port-based Vlan definition Port-based Vlan across different switch ES-2000 Series Switch Support Notes How to configure Port-Based Vlan Scenario Configuring your Switch to fulfill this scenario GUI ES-2000 Series Switch Support Notes ES-2000 Series Switch Support Notes ES-2000 Series Switch Support Notes Configuring your Switch to fulfill this scenario CLI What is Ieee 802.1Q Tag-based VLAN? Tag-based Vlan OverviewES-2000 Series Switch Support Notes How 802.1Q Vlan works Ingress ProcessForwarding Process VID Vlan IDPort Ad Control Tag Control Egress PortEgress Process How to connect two switches using VLAN? Answer ES-2000 Series Switch Support Notes IP Multicasting How to setup Igmp snooping in your switch? Igmp and Igmp snoopingES-2000 Series Switch Support Notes Configuration of Igmp snooping by web Configuration of Igmp and Igmp snooping by CLI L2Switch# show igmp-snooping GS-4024#show router igmpSpanning Tree Overview Filtering Database Instability How STP Works Select a root bridgeSelect a designated port on each segment Switch a Switch B Switch C MAC = How STP worksES-2000 Series Switch Support Notes Switching security MAC freeze Enable MAC Freeze ExampleDisabled Automatic MAC Address Learning After MAC Freeze ES-2000 Series Switch Support Notes Centralized Management Introduction of SNMPc and NetAtlas System ArchitectureOverview of SNMPc Main elements of SNMPcPage Configuration of adding a new device via SNMPc Adding a new DeviceMap Object Properties Read Access mode Read Community Read/write Community ES-2000 Series Switch Support Notes Rootmap Vlan Configuration via EMS Device panel listSelecting a Vlan Type Vlan Configuration For more information, reference the user guide of NetAtlas Cluster Management Overview Master device Slave deviceMaster device How to set up Cluster Management in switch ES-2000 Series Switch Support Notes Configuration ES-2000 Series Switch Support Notes What is the default setting of the IP parameters? How to access my Switch through the console port?How to change the password? How do I configure an IP address? From Web Configurator Is Online Help available on the Web Configurator? How to restart device from Web?How to check the current running firmware version? Is the mini Gbic transceiver hot-swappable?Bridging Performance802.3ad AggregationEnable flexiblity for How much PoE Power can ES-2024PWR supply concurrently?Immediately Text editing eases

Related manuals

Manual 4 pages 32.42 Kb