Allows the Security Module to deliver packets only to the end station to which a packet is addressed.

Prohibits unauthorized end stations from listening (eavesdropping) on packets that are not specifically addressed to them.

If a port receives a packet (from the ONline backplane) that is not targeted to any of the valid addresses associated with that port, the Security Module does not allow that packet to be delivered intact to the end station. Instead of delivering valid data to an unauthorized port, the module 'jams' the data by transmitting to the unauthorized port a data pattern of alternating zeros and ones.

Figure 4-1. Example of Eavesdropping Security

Intrusion Detection

Intrusion Detection allows the Security Module to prevent delivery of packets transmitted from unauthorized stations on the network. If a port receives a packet from its end station which contains an invalid source

Configuring Security Features 4 - 5

Page 63
Image 63
3Com 5112M-TPLS installation and operation guide Intrusion Detection, Example of Eavesdropping Security