HP J3188A manual Setting Outbound Security with Eavesdrop Prevention

Page 82

Security Information

Security Information

Setting Outbound Security with Eavesdrop Prevention

Setting Outbound Security with

Eavesdrop Prevention

Eavesdrop Prevention allows a port to receive a packet transmitted on the network as valid data only if the port’s MAC address matches the packet’s destination address. If the port’s MAC address does not match the packet destination address, the port will receive a packet containing a meaningless data field of alternating 1’s and 0’s. Multicast and broadcast packets are transmitted to all ports unmodified.

Note that sending a packet containing alternating 1’s and 0’s will continue to allow the port to detect the traffic on the network, so that the CSMA/CD network requirements are met. However, the port will correctly record the invalid data packet received as a CRC error. An end-user attached to an HP hub implementing Eavesdrop Prevention data security will normally record a high number of CRC errors on the computer card statistics.

The illustration on the next page shows the use of outbound data security using Eavesdrop Prevention. This type of data security should be enabled on any port that is to receive data on a “need to know” basis. The port must have an authorized MAC address configured and must be connected to only one end-user.

Eavesdrop Prevention may not be used on cascaded ports, or ports connected to a network with multiple end users.

In the illustration below, Server 104 is transmitting a packet destined for PC

101.(For illustration purposes, the numbers 101, 102, 103, and 104 are used to represent 12-digit hexadecimal MAC addresses.) The ports for PC 101 and PC

102have Eavesdrop Prevention enabled or configured ON. Because PC 101’s MAC address matches the packet destination address, it receives the packet unaltered. However, PC 102’s MAC address does not match the packet desti- nation address and therefore it receives a useless packet (the packet data field contains a meaningless pattern of alternating 1’s and 0’s.) The port for PC 103 does not have Eavesdrop Prevention enabled and therefore PC 103 receives the packet unaltered from Server 104.

F-6

Image 82

Contents HP J3188A Page Installation and Reference Guide HP 10Base-T Hub-16M J3188APublication Number Back of the Hub HP 10Base-T Hub-16M J3188AFront of the Hub IiiFeatures Network ConnectionsContents Cables and Connectors Security Information ViiPage Installing the Hub Connect the external transceiver Installing and Configuring Your HubVerify included parts Verify the hub operates correctlyCord connected directly to the hub for proper operation TimeLED PatternMount the hub Rack or Cabinet MountingTable Mounting Connect the hub to your network Connecting Hubs Together Connecting Devices to the HubTwisted-Pair Cascade Connections Installing ThinLAN ConnectionsOhm terminator Connecting the Hub-16M to a Fiber-Optic Backbone Interpreting LED StatusInterpreting Hub Status LEDs Interpreting Port Status LEDs Following table provides LED port informationPage Troubleshooting Troubleshooting ApproachesTroubleshooting Using a Checklist to Diagnose the Hub Using a Checklist to Diagnose the HubProblem Solution LED Operation Power Coll Troubleshooting LED OperationDiagnostic Tips Hub will automatically recover afterTesting the Hub Only Hub Maintenance TasksClearing a Password for the Ascii Console Running Connectivity Tests Troubleshooting Hub Maintenance TasksObtaining Firmware Enhancements Setting up the Ascii Console Managing the HubRemotely, Using Telnet Directly, Using a Serial Cable and a TerminalManaging the Hub Remotely, Using a Modem and a Terminal Starting the ConsoleExample HE ST This displays help for the Status command Console Command ReferenceCommands are described in the rest of the chapter Syntax Conventions on Help ScreenBAckup Default DescriptionCounter Name Definition Valid Range CDpstatusCOunters RangeWhen to Use IPconfig IPconfigDIsconnect Using IP Configuring for Network ManagementUsing Novell NetWare IPX Following table explains the IP parametersParameter Default Value Definition MAnagers SHowManager Address IP or IPX Receive Alarms? CommandTo end your editing NEighbor Displays the other devices that are using CDP protocolMEssageinterval Table entry with ID 1 would now be a blank linePIng PAsswordClear a password Community namePOrt port ON/OFF REsetRObustness Security Configuration Parameter Definitions SEcure portSHowCLearManaging the Hub Configuring Security on All Twisted-Pair Ports Configuring Security on a Single PortEavesdrop Prevention, must be set to on Address Selection Authorized Showing the Security Configuration Clearing Security Violation IndicatorsSPeed new speed STatusStatus Information What It Means 16M will respond with the correct packet Network links, see the , TroubleshootingTEstlink To sendPage Recommended Cables Cables and ConnectorsFollowing table shows PC connections to the RS-232 port Following table shows network connections to the hub Cables and ConnectorsCable Function Cable Type HP Product Number Pins 3 and 6 must be a twisted pair Twisted-Pair Cable/Connector Pin-OutsPins 1 and 2 must be a twisted pair Twisted-Pair Cable for Hub-to-Computer Network ConnectionCable pin-out described below RS-232 Connector and Cable Pin-OutsInstaller for assistance with your cabling requirements Minimum pin-out will function correctlyMinimum Cable Pinout for Ascii Console Connection SignalRS-232 Modem Cable Twisted-Pair Straight-Through Cable Twisted-Pair Cable Pin AssignmentsHub End MDI-X Electrical SpecificationsPhysical EnvironmentalSpecifications ConnectorsElectromagnetic US Robotics Courier V.FC/V.34 Modem ConfigurationMegahertz XJ2288 Pcmcia card modem Intel 14.4EX Practical Peripherals PM288MT IISupra FAX Network Addressing Communication Between the Hub Network Management StationIPX Addressing Notes IPX Addressing for Novell NetWareIP Addresses for IP and Non-IP Networks Globally Assigned IP Network AddressesCountry Device IP ConfigurationCompany Name/Address Using Bootp Bootp ProcessBootp Table File Entries Definitions of the table entry fieldsPage Backup Links How Backup Links WorkLimitations Backup LinksAdditional Notes Hub to a Switch Examples of Backup LinksHow the Backup Function Works Hub to a ServerT e G g e s t i o n Hub can monitor only one linkConfiguring a Backup Link Configuration/Installation SequenceIdentifying the Backup Link Indications of Backup Link ActivationReactivating the Primary Link Page Security Information Understanding Network SecurityAuthorized MAC address How Intruder Prevention WorksHow Eavesdrop Prevention Works Security Information Assigning the Authorized MAC address Setting Inbound Security with Intruder Prevention Auto Port Disable Send AlarmSetting Outbound Security with Eavesdrop Prevention Security Information Page Safety and Regulatory Statements Mounting PrecautionsSettings to configure Power PrecautionsTemperature might exceed 45C 113F Equipment and should be easily accessibleSafety Information GroundingInformations concernant la sécurité Tible de causer des dommages à léquipementHinweise zur Sicherheit Considerazioni sulla sicurezza Consideraciones sobre seguridad Safety Information Japanese European Community Regulatory StatementsFCC Class a Statement for U.S.A. Only CanadaDeclaration of Conformity Index IndexDiagnosing with the LEDs … 2-2 diagnostic tests Late collision … 3-13 mounting the hub … LED description … Verifying hub operation … Page J3188-90001