Cabletron Systems TRMMIM manual Security Mode Options, Disable Security, Enable Security

Page 107

Ring Security Conﬁguration

Vendor

This ﬁeld, visible in both list boxes, displays the vendor associated with each list entry, as determined by the ﬁrst three bytes in its MAC address.

Security Mode Options

The Security Mode options at the top of the Security Conﬁg window display the current security conﬁguration, and allow you to reconﬁgure security. When you select the Warn mode, that level of security will immediately be set at the device; when you select the Warn and Remove mode, you will be asked to conﬁrm your selection.

Disable Security

If this option is selected, no security is set at the device. Any station can attempt to enter the ring without security action being taken. Security is disabled by default.

Enable Security

If Enable Security is selected, one of two Security Mode options is in effect; these modes determine what action will be taken when an unknown MAC address (i.e., one not in the Allowed List) is detected trying to enter the ring. The two Security Mode options are:

Warn	In Warn mode, new stations can enter the ring, but a
	“Station Added” trap will be sent to the network
	management station in response. This trap message is
	only sent once, and it includes the new station’s MAC
	address. Because new stations can still be added to the
	Allowed List in Warn Mode, you can use this mode to
	allow new users to enter the ring; while in Warn mode,
	the TRMMIM automatically enters the MAC address of
	each inserted station on the ring in the Allowed List. This
	saves you from entering MAC addresses one at time
	using the Add button.
Warn and Remove	This is the highest level of ring security, which will lock
	the ring to new stations. While in the Warn and Remove
	mode, the TRMMIM sends a “Remove MAC Frame”
	command to any unauthorized station attempting to
	enter the ring, and a trap to your management station
	informing it of the action taken. The TRMMIM will try
	three times to remove an unauthorized station from the
	ring; if after three attempts the station cannot be
	removed, a trap will be sent to the management station
	informing it that the station could not be removed.

Launching the Security Conﬁguration Window

6-5

Image 107

Contents Trmmim Page Virus Disclaimer Applicable to licenses to the United States Government only Restricted Rights NoticeContents Chapter Statistics Chapter Alarm ConﬁgurationChapter Ring Map Appendix a Trmmim MIB Structure Chapter Ring Security ConﬁgurationContents Trmmim Using the Trmmim User’s GuideIntroduction to Spma for the Trmmim What’s not in the Trmmim GuideScreen Displays ConventionsIntroduction to Spma for the Trmmim Button Using the MouseFTP Getting HelpTrmmim Firmware Introduction to Spma for the Trmmim Trmmim Firmware Using the Hub View Using the Trmmim Hub ViewNavigating Through the Hub View Using the Trmmim Hub ViewTrmmim Hub View Hub View Front PanelDevice Location UptimeTime and Date Device NameUsing the Trmmim Hub View Using the Mouse in a Hub View Module Module Index FNB Bypass State Port Display Form Hub View Port Color CodesPort Type ErrorsFrames Total BytesFNB Display Monitoring Hub Performance Using the Trmmim Hub View Name and Location Checking Device Status and Updating Front Panel InfoTotal Rings Checking Module StatusContact Date and TimeModule Speed FaultSpeed Fault Location Module NameModule/Port Admin StateChecking Port Status Port NameInsertion Trap Checking Station StatusLink State Time Upstream Neighbor/Downstream Neighbor Station NameVendor Reverse MACs Physical LocationPriority Port MappingConﬁguring Station Name, Location, or Priority Checking Ring Port StatusMedia Type Fault State TimeMedia Fault ClassChecking Statistics Abort BytesLine BurstFind MAC Address Managing the HubManaging the Hub at the Device Level 12. The Find MAC Address Window Setting the Polling IntervalsContact Status 13. Trmmim Polling IntervalsStatistics Device General StatusDevice Conﬁguration Port Operational StateControlling Token Ring FNB Multiplexer Connections Managing the Hub at the Module LevelINS Bypass BoardLeft Connect Right ConnectClearing the Module FNB Conﬁguration Window Selections Controlling Token Ring SpeedManagement MGT Controlling Token Ring MIM Management ModeEnabling All Ports on Token Ring Modules Auto AUTEnabling and Disabling Station and Ring Ports Managing the Hub at the Port LevelConverting a Station Port to a Ring-out Port Removing a Station from the Ring Ring Map From the Hub View From the command line stand-alone modeLaunching the Ring Map From the iconRing Name Selecting a Ring to MapRing Map Utilization SpeedStations NameQuick Info Popup Window Viewing Station-speciﬁc InformationDrop Board and PortPerformance and Errors Setting a Station NameViewing Management Station Conﬁguration Setting a Station DropCommands Open Status Error StatusActive Monitor ErrorViewing Ring-level Information Setting the Statistics Calculation ModeError Report Timer Set Calculation Mode Window Viewing the Error TableError Table Window Isolating Errors Total ErrorsNon-Isolating Errors Changing the Station Labels Viewing Device Information Device Information Window Setting the Map Poll IntervalBeacon Events Viewing Beacon HistoryActive Monitor Changes Ring PurgesLast Beacon Last Beacon TypeLongest Beacon Beacon Conﬁguration 12. The Beacon Conﬁguration Window Using the Find Options 13. Sample Find Windows Searching by Station Name, MAC Address, Board/Port, or DropFinding the Active Monitor on the Network Finding the Management Station on the Network Frames or Errors measured/Δ Time in seconds 14. Sample Find Highest and Lowest Windows Accessing Other Spma ApplicationsAlarm Conﬁguration Spmarun e5alarms IP address community name Setting and Viewing Ring Alarms Alarm Conﬁguration Setting a Ring Level Alarm Setting and Viewing Station AlarmsAlarm Conﬁguration Alarm Conﬁguration Alarm Conﬁguration Setting a Station Level Alarm Alarm Conﬁguration Setting and Viewing Station Alarms Statistics Using StatisticsSpmarun e5stats IP Address community name Viewing the Ring Station ListDownstream Addr Module and PortStn Name Upstream AddrRefreshing the Station List Using the Reverse MAC ButtonMonitoring Ring and Station Statistics Creating a Pie Chart Creating a Graph or Meter Click mouse button 1 on KBytes Ring and Station VariablesGeneral ProtocolsAC Error Isolating ErrorsLine Errors Burst ErrorInternal Error Non-Isolating ErrorsAbort Error Frequency Errors Token ErrorsStatistics Ring and Station Variables About Ring Security Ring Security ConﬁgurationRing Security Conﬁguration Launching the Security Conﬁguration WindowSecurity Conﬁguration Ring Selection window, -1, will appear Disallowed Count Allowed Station ListAllowed Count Disallowed Station ListEnable Security Security Mode OptionsDisable Security Allowed/Disallowed List Conﬁguration Buttons Building the Allowed List Automatically Conﬁguring SecurityStation Addition Window Deleting Stations from the Allowed or Disallowed ListsClear List Window Clearing All Entries in the Allowed or Disallowed ListRemove Changing the Ring Security ModeTrmmim MIB Structure Ietf MIB SupportNetwork One, Network Two Chassis MGRProtocol Stack Snmp AgentTelnet Brief Word About MIB Components and Community NamesTrmmim MIB Structure Index Index-2 Index-3 Index-4