Cabletron Systems TRMMIM manual Changing the Ring Security Mode, Remove

Page 112

Ring Security Conﬁguration

Changing the Ring Security Mode

Use the Enable Security and Disable Security options at the top of the Security Conﬁg window turn security on and off; use the Security Mode options to select the level of security you wish to activate:

Disable Security

Selecting this option disables ring security so that any station can attempt to enter the ring. The Security Mode selections — those which determine the action that will be taken when an unauthorized station attempts to enter the ring — are de-activated (grayed out) when security is disabled. Security is disabled by default.

Enable Security

Selecting this option enables you to choose one of two Security Mode options which determine the actions that will be taken when an unauthorized MAC address (i.e., one not in the “Allowed List”) is detected trying to enter the ring. The two Security Mode options are:

Warn	This is the default Enable Security mode. In Warn mode, new
	stations can enter the ring, but a “Station Added” trap will be
	sent to the network management station in response. This trap
	message is only sent once, and it includes the new station’s MAC
	address. Because new stations can still be added to the Allowed
	List in Warn Mode, you can use this mode to allow new users to
	enter the ring; while in Warn mode, the TRMMIM automatically
	adds every inserted station to the Allowed List. This saves you
	from entering MAC addresses one at time using the Add button.
	Note that this option will be set as soon as it is selected; there is
	no conﬁrmation required.
Warn and	This is the highest level of ring security, which will lock the ring
Remove	to new stations. The Alarm/Remove mode sends a “Remove
	MAC Frame” command to a new station attempting to enter the
	ring, and a trap to your management station informing it of the
	action taken. If, after three attempts the station cannot be
	removed from the ring, a trap is sent to the management station
	informing it that the station could not be removed.
	Note that, because of the potentially serious consequences of
	setting this high level of security, you will be asked to conﬁrm
	this selection before it is set.

6-10	Conﬁguring Security

Image 112

Contents Trmmim Page Virus Disclaimer Restricted Rights Notice Applicable to licenses to the United States Government onlyContents Chapter Ring Map Chapter Alarm ConﬁgurationChapter Statistics Chapter Ring Security Conﬁguration Appendix a Trmmim MIB StructureContents Using the Trmmim User’s Guide TrmmimWhat’s not in the Trmmim Guide Introduction to Spma for the TrmmimConventions Screen DisplaysIntroduction to Spma for the Trmmim Using the Mouse ButtonGetting Help FTPTrmmim Firmware Introduction to Spma for the Trmmim Trmmim Firmware Using the Trmmim Hub View Using the Hub ViewUsing the Trmmim Hub View Navigating Through the Hub ViewHub View Front Panel Trmmim Hub ViewUptime Time and DateDevice Name Device LocationUsing the Trmmim Hub View Using the Mouse in a Hub View Module Module Index FNB Bypass State Hub View Port Color Codes Port Display FormErrors FramesTotal Bytes Port TypeFNB Display Monitoring Hub Performance Using the Trmmim Hub View Checking Device Status and Updating Front Panel Info Name and LocationChecking Module Status ContactDate and Time Total RingsSpeed Fault Speed Fault LocationModule Name ModuleAdmin State Checking Port StatusPort Name Module/PortLink State Time Checking Station StatusInsertion Trap Vendor Station NameUpstream Neighbor/Downstream Neighbor Physical Location PriorityPort Mapping Reverse MACsChecking Ring Port Status Conﬁguring Station Name, Location, or PriorityFault State Time Media FaultClass Media TypeChecking Statistics Bytes LineBurst AbortManaging the Hub at the Device Level Managing the HubFind MAC Address Setting the Polling Intervals 12. The Find MAC Address Window13. Trmmim Polling Intervals Contact StatusDevice General Status Device ConﬁgurationPort Operational State StatisticsManaging the Hub at the Module Level Controlling Token Ring FNB Multiplexer ConnectionsINS Board Left ConnectRight Connect BypassControlling Token Ring Speed Clearing the Module FNB Conﬁguration Window SelectionsControlling Token Ring MIM Management Mode Enabling All Ports on Token Ring ModulesAuto AUT Management MGTConverting a Station Port to a Ring-out Port Managing the Hub at the Port LevelEnabling and Disabling Station and Ring Ports Removing a Station from the Ring Ring Map From the command line stand-alone mode Launching the Ring MapFrom the icon From the Hub ViewSelecting a Ring to Map Ring NameRing Map Speed StationsName UtilizationViewing Station-speciﬁc Information Quick Info Popup WindowBoard and Port DropSetting a Station Name Performance and ErrorsSetting a Station Drop Viewing Management Station ConﬁgurationCommands Error Status Open StatusError Active MonitorError Report Timer Setting the Statistics Calculation ModeViewing Ring-level Information Viewing the Error Table Set Calculation Mode WindowError Table Window Total Errors Isolating ErrorsNon-Isolating Errors Changing the Station Labels Viewing Device Information Setting the Map Poll Interval Device Information WindowViewing Beacon History Active Monitor ChangesRing Purges Beacon EventsLongest Beacon Last Beacon TypeLast Beacon Beacon Conﬁguration 12. The Beacon Conﬁguration Window Using the Find Options Searching by Station Name, MAC Address, Board/Port, or Drop 13. Sample Find WindowsFinding the Active Monitor on the Network Finding the Management Station on the Network Frames or Errors measured/Δ Time in seconds Accessing Other Spma Applications 14. Sample Find Highest and Lowest WindowsAlarm Conﬁguration Spmarun e5alarms IP address community name Setting and Viewing Ring Alarms Alarm Conﬁguration Setting and Viewing Station Alarms Setting a Ring Level AlarmAlarm Conﬁguration Alarm Conﬁguration Alarm Conﬁguration Setting a Station Level Alarm Alarm Conﬁguration Setting and Viewing Station Alarms Using Statistics StatisticsViewing the Ring Station List Spmarun e5stats IP Address community nameModule and Port Stn NameUpstream Addr Downstream AddrMonitoring Ring and Station Statistics Using the Reverse MAC ButtonRefreshing the Station List Creating a Pie Chart Creating a Graph or Meter Click mouse button 1 on Ring and Station Variables GeneralProtocols KBytesIsolating Errors Line ErrorsBurst Error AC ErrorAbort Error Non-Isolating ErrorsInternal Error Token Errors Frequency ErrorsStatistics Ring and Station Variables Ring Security Conﬁguration About Ring SecurityLaunching the Security Conﬁguration Window Ring Security ConﬁgurationSecurity Conﬁguration Ring Selection window, -1, will appear Allowed Station List Allowed CountDisallowed Station List Disallowed CountDisable Security Security Mode OptionsEnable Security Allowed/Disallowed List Conﬁguration Buttons Conﬁguring Security Building the Allowed List AutomaticallyDeleting Stations from the Allowed or Disallowed Lists Station Addition WindowClearing All Entries in the Allowed or Disallowed List Clear List WindowChanging the Ring Security Mode RemoveIetf MIB Support Trmmim MIB StructureChassis MGR Protocol StackSnmp Agent Network One, Network TwoBrief Word About MIB Components and Community Names TelnetTrmmim MIB Structure Index Index-2 Index-3 Index-4