Cabletron Systems TRMMIM manual Security Mode Options, Disable Security, Enable Security

Page 107

Ring Security Configuration

Vendor

This field, visible in both list boxes, displays the vendor associated with each list entry, as determined by the first three bytes in its MAC address.

Security Mode Options

The Security Mode options at the top of the Security Config window display the current security configuration, and allow you to reconfigure security. When you select the Warn mode, that level of security will immediately be set at the device; when you select the Warn and Remove mode, you will be asked to confirm your selection.

Disable Security

If this option is selected, no security is set at the device. Any station can attempt to enter the ring without security action being taken. Security is disabled by default.

Enable Security

If Enable Security is selected, one of two Security Mode options is in effect; these modes determine what action will be taken when an unknown MAC address (i.e., one not in the Allowed List) is detected trying to enter the ring. The two Security Mode options are:

Warn

In Warn mode, new stations can enter the ring, but a

 

“Station Added” trap will be sent to the network

 

management station in response. This trap message is

 

only sent once, and it includes the new station’s MAC

 

address. Because new stations can still be added to the

 

Allowed List in Warn Mode, you can use this mode to

 

allow new users to enter the ring; while in Warn mode,

 

the TRMMIM automatically enters the MAC address of

 

each inserted station on the ring in the Allowed List. This

 

saves you from entering MAC addresses one at time

 

using the Add button.

Warn and Remove

This is the highest level of ring security, which will lock

 

the ring to new stations. While in the Warn and Remove

 

mode, the TRMMIM sends a “Remove MAC Frame”

 

command to any unauthorized station attempting to

 

enter the ring, and a trap to your management station

 

informing it of the action taken. The TRMMIM will try

 

three times to remove an unauthorized station from the

 

ring; if after three attempts the station cannot be

 

removed, a trap will be sent to the management station

 

informing it that the station could not be removed.

Launching the Security Configuration Window

6-5

Image 107
Contents Trmmim Page Virus Disclaimer Applicable to licenses to the United States Government only Restricted Rights NoticeContents Chapter Statistics Chapter Alarm ConfigurationChapter Ring Map Appendix a Trmmim MIB Structure Chapter Ring Security ConfigurationContents Trmmim Using the Trmmim User’s GuideIntroduction to Spma for the Trmmim What’s not in the Trmmim GuideScreen Displays ConventionsIntroduction to Spma for the Trmmim Button Using the MouseFTP Getting HelpTrmmim Firmware Introduction to Spma for the Trmmim Trmmim Firmware Using the Hub View Using the Trmmim Hub ViewNavigating Through the Hub View Using the Trmmim Hub ViewTrmmim Hub View Hub View Front PanelDevice Location UptimeTime and Date Device NameUsing the Trmmim Hub View Using the Mouse in a Hub View Module Module Index FNB Bypass State Port Display Form Hub View Port Color CodesPort Type ErrorsFrames Total BytesFNB Display Monitoring Hub Performance Using the Trmmim Hub View Name and Location Checking Device Status and Updating Front Panel InfoTotal Rings Checking Module StatusContact Date and TimeModule Speed FaultSpeed Fault Location Module NameModule/Port Admin StateChecking Port Status Port NameInsertion Trap Checking Station StatusLink State Time Upstream Neighbor/Downstream Neighbor Station NameVendor Reverse MACs Physical LocationPriority Port MappingConfiguring Station Name, Location, or Priority Checking Ring Port StatusMedia Type Fault State TimeMedia Fault ClassChecking Statistics Abort BytesLine BurstFind MAC Address Managing the HubManaging the Hub at the Device Level 12. The Find MAC Address Window Setting the Polling IntervalsContact Status 13. Trmmim Polling IntervalsStatistics Device General StatusDevice Configuration Port Operational StateControlling Token Ring FNB Multiplexer Connections Managing the Hub at the Module LevelINS Bypass BoardLeft Connect Right ConnectClearing the Module FNB Configuration Window Selections Controlling Token Ring SpeedManagement MGT Controlling Token Ring MIM Management ModeEnabling All Ports on Token Ring Modules Auto AUTEnabling and Disabling Station and Ring Ports Managing the Hub at the Port LevelConverting a Station Port to a Ring-out Port Removing a Station from the Ring Ring Map From the Hub View From the command line stand-alone modeLaunching the Ring Map From the iconRing Name Selecting a Ring to MapRing Map Utilization SpeedStations NameQuick Info Popup Window Viewing Station-specific InformationDrop Board and PortPerformance and Errors Setting a Station NameViewing Management Station Configuration Setting a Station DropCommands Open Status Error StatusActive Monitor ErrorViewing Ring-level Information Setting the Statistics Calculation ModeError Report Timer Set Calculation Mode Window Viewing the Error TableError Table Window Isolating Errors Total ErrorsNon-Isolating Errors Changing the Station Labels Viewing Device Information Device Information Window Setting the Map Poll IntervalBeacon Events Viewing Beacon HistoryActive Monitor Changes Ring PurgesLast Beacon Last Beacon TypeLongest Beacon Beacon Configuration 12. The Beacon Configuration Window Using the Find Options 13. Sample Find Windows Searching by Station Name, MAC Address, Board/Port, or DropFinding the Active Monitor on the Network Finding the Management Station on the Network Frames or Errors measured/Δ Time in seconds 14. Sample Find Highest and Lowest Windows Accessing Other Spma ApplicationsAlarm Configuration Spmarun e5alarms IP address community name Setting and Viewing Ring Alarms Alarm Configuration Setting a Ring Level Alarm Setting and Viewing Station AlarmsAlarm Configuration Alarm Configuration Alarm Configuration Setting a Station Level Alarm Alarm Configuration Setting and Viewing Station Alarms Statistics Using StatisticsSpmarun e5stats IP Address community name Viewing the Ring Station ListDownstream Addr Module and PortStn Name Upstream AddrRefreshing the Station List Using the Reverse MAC ButtonMonitoring Ring and Station Statistics Creating a Pie Chart Creating a Graph or Meter Click mouse button 1 on KBytes Ring and Station VariablesGeneral ProtocolsAC Error Isolating ErrorsLine Errors Burst ErrorInternal Error Non-Isolating ErrorsAbort Error Frequency Errors Token ErrorsStatistics Ring and Station Variables About Ring Security Ring Security ConfigurationRing Security Configuration Launching the Security Configuration WindowSecurity Configuration Ring Selection window, -1, will appear Disallowed Count Allowed Station ListAllowed Count Disallowed Station ListEnable Security Security Mode OptionsDisable Security Allowed/Disallowed List Configuration Buttons Building the Allowed List Automatically Configuring SecurityStation Addition Window Deleting Stations from the Allowed or Disallowed ListsClear List Window Clearing All Entries in the Allowed or Disallowed ListRemove Changing the Ring Security ModeTrmmim MIB Structure Ietf MIB SupportNetwork One, Network Two Chassis MGRProtocol Stack Snmp AgentTelnet Brief Word About MIB Components and Community NamesTrmmim MIB Structure Index Index-2 Index-3 Index-4