Manuals / Asante Technologies / Computer Equipment / Switch

Asante Technologies 8000 user manual Security Management, Security Option Description Action

Models: 8000

1 168

Download 168 pages 50.89 Kb

Page 99

Security Management

event. For information on configuring trap receivers, see “SNMP Configuration” in Chapter 3.

Security Management

The IntraCore 8000’s security management options are summarized in Table 4-2.

Security Option	Description	Action

Duplicated IP Detec-	Detects the use of a single IP	Detects and logs MAC
tion (Monitoring)	address by two stations.	addresses of both stations and
		the ports they accessed.

Duplicated IP Trap		Sends trap with MAC
		addresses of both stations and
		the ports they accessed.

Station Movement Trap	Detects the movement of any	Sends trap with the station’s
	end station from one port to	MAC address and IP address
	another.	(if available) and the switch’s
		port numbers.

Port New Node Trap	Detects the connection of any	Sends trap with the new
	new device to the secured	node’s MAC address and IP
	port.	address (if available) and the
		port to which they are con-
		nected.

Port Trusted MAC	Creates a set of port-trusted	None.
Address	MAC addresses for use by
	other security measures.

Port Intruder Detection	Disallows traffic from MAC	Sends trap with intruder’s
Trap	addresses not belonging to	MAC address.
	the port trusted MAC address
	set. Station movement is also
	disallowed.

Port Lock	Disallows traffic from MAC	Disables the port if an
	addresses that do not belong	intruder is detected. Sends
	to the port trusted MAC	trap with the port number, and
	address set. Station move-	the intruder’s MAC address,
	ment is also disallowed.	VLAN ID, and IP address (if
		available).

Table 4-2 Security Management Options

Page 4-9

Image 99

Asante Technologies 8000 user manual Security Management, Security Option Description Action

Contents

IntraCore Limited Five Year Warranty Table of Contents Configuration Viewing Legends for Configuration SettingsAdvanced Management Unicast Forwarding Database ConfigurationWeb Browser Management MIB Statistics Technical SupportPage IntraCore Architecture Overview Core Switching EngineMAN/WAN Infrastructure ConnectivityNetwork Management, Security, Performance, and Control LANMance IntraCore Product FamilyEnterprise Switches Edge SwitchesIntraCore Port 10/100 Switch ModuleIntraCore Expansion Modules1000BaseLX Gbic Gigabit Ethernet Switch Module1000Base SX Gbic 1000BaseLX Long Haul GbicFeatures FeaturesFeature Description VLANs Introduction Feature DescriptionDefaults and Specifications Defaults and SpecificationsConfiguration Default Setting Color and Meaning LEDsCooling and Airflow Installation GuidelinesPower Requirements Environmental RequirementsStep Action to Be Taken Installation OverviewEquipment Rack Guidelines Chassis Installation/PlacementInstallation in an Equipment Rack Safety Precautions for Rack InstallationEquipment Rack Installation Procedure Free-Standing/Desktop PlacementStacking Switches Stacking SwitchesTwo Stack Configuration Three or Four Stack ConfigurationFour stack configuration Installing Port Expansion Modules Installing Port Expansion ModulesInstalling Gbic Interfaces Installing a GbicRemoving a Gbic Connecting Power Connecting PowerGbic Care and Handling Connecting to the Network 10/100BaseX Ports Cabling ProceduresConnecting To Cable Required Configuring for Management Configuring for Management1000BaseX Ports Cabling Procedures BootP ConfigurationConnecting To a Console Method Type Description Management OptionsOut-of-Band Management Management OptionsTelnet In-Band ManagementSNMP-Based Management Web BrowserInstallation and Setup Configuration Logging Local Management InterfaceLocal Management Interface Accessing a SubmenuMain Menu Exiting a Submenu4MB Viewing General InformationViewing General Information Setting DescriptionConfiguration Menu Configuration Menu OptionsMenu Item Description Snmp Configuration Configuration MenuSystem Administration Configuration Current SettingsChanging System Administration Info System IP Configuration System IP ConfigurationChanging System IP Information Describes each setting on the System IP Configuration MenuBootstrap Configuration Bootstrap ConfigurationImage Banks Loading Software Locally Loading Software Remotely Remote Bootstrap Configuration MenuDate Rently running on the IntraCore Load Mode Current SettingsBootstrap Configuration Empty Snmp ConfigurationChanging Community Strings Snmp ConfigurationAdding or Updating a Trap Receiver Enabling Authentication TrapsPort Configuration Port ConfigurationDeleting a Trap Receiver 10 Port Configuration Menu for 10/100BaseTX modules 11 Legends for all Port Configuration Menus Viewing Legends for Configuration SettingsEnabling or Disabling a Port Current Port SettingsConfiguring Auto-Negotiation Configuring a Port Manually Toggling Port Link SpeedToggling Half to Full Duplex 12 Port Configuration Menu for 1000BaseX ports Configuring 1000BaseX PortsEnabling or Disabling a Port Advanced Port Configuration Advanced 10/100BaseTX Port ConfigurationAdvanced Port Configuration 14 Advanced Port Configuration Menu 1000BaseX port Advanced 1000BaseX Port ConfigurationFlow Control Setting the Maximum Broadcast or Multicast RateEnabling or Disabling 802.3x Flow Control Global Port Configuration Setting Port Default PriorityGlobal Port Configuration 15 Global Port Configuration Menu 10/100BaseTX ports Unicast Forwarding Database Configuration Unicast Forwarding Database ConfigurationAge-out Time Displaying the Forwarding DatabaseUnicast Forwarding Database Configuration MPT Searching for a MAC Address20 MAC Address Search summary Setting the MAC Address Age-Out Time21 Image File Downloading Configuration Menu Image File Downloading ConfigurationImage Downloading Through Tftp Image File Downloading Configuration10 describes each setting on the Tftp Image Downloading Menu Performing a Software Upgrade at Runtime 23 X/Y/Z Modem Image File Downloading Menu Serial Downloading ConfigurationPerforming a Software Upgrade 24 Baud Rate Menu System Reset Configuration System Reset ConfigurationResetting the IntraCore Current OptionsOption Description Scheduling a System Reset Viewing the System LogViewing the System Log 26 System Log Menu Clearing the System LogUser Interface Configuration User Interface ConfigurationConfiguration Setting Description Setting Console Idle Time-out Period Setting Telnet Idle Time-out PeriodChanging the Password Page 29 Systems Module Map Viewing StatisticsConfiguration 31 Port Statistics Counters since reset Configuration Overview Spanning Tree ProtocolEnabling and Disabling STP How It WorksHello Time Configuring Spanning Tree ParametersSpanning Tree Parameters Bridge PriorityForward Delay Maximum AgePort Priority ID is the Bridge Priority. If the Bridge ID is shown as Current STP SettingsSetting Port Priority and Path Cost Spanning Tree Port ConfigurationSnmp and Rmon Management Snmp and Rmon ManagementEthernet History Group Alarm GroupRmon Management Ethernet Statistics GroupSecurity Management Security ManagementSecurity Option Description Action Security Traps Viewing a List of Duplicated IP Addresses Duplicated IP Detection and TrapEnabling and Disabling Duplicated IP Detection Enabling and Disabling Duplicated IP TrapSimilar to Figure Enabling and Disabling Station Movement TrapPort Security Configuration Menu Configuring Port SecurityAdvanced Management Setting Description Configuring Port New Node Detection TrapConfiguring Port Lock and Intruder Lock Configuring Security Level 2 or Level Setting the Intruder Trap Resetting Security to DefaultsInserting/Modifying a Port Trusted MAC Address Vlan Management Vlan Specifications for the IntraCoreVlan Management Other Vlan Features in IntraCoreOverview of VLANs Benefits of Vlan ManagementAbbreviations Tagged and Untagged FramesVlan Port Membership and Untagging Default VlanVlan Groups Port Vlan IDIndependent vs. Shared Learning Inter-Switch Links Frame Type Filter Port Receive Ingress VLANs UntagsetAll Frames Disabled Yes Describes each setting on the Vlan Management Menu Configuring Vlan ManagementFID Configuring Static Vlan GroupsVlan Index Creating a VlanAdding Port Members Enabling and Disabling Management AccessRemoving a Vlan Naming a VlanAdvanced Static Vlan Configuration Deleting Port MembersMoving Ports to This Vlan Specifying Shared or Independent Address Learning Specifying Tagging or No Tagging for a PortInserting and Removing MAC Addresses 10 Vlan Port Configuration Menu Configuring Vlan Port AttributesSetting the Port Vlan ID Configuring Port Receive Frame Type Adding and Deleting VLANs from the PortEnabling and Disabling Port Ingress Filtering Configuring Inter-Switch Links Enabling and Disabling Port Gvrp StatusAdding an ISL Port to VLANs Configuring the ISL Port to Receive Tagged Frames Configuring Tagging for the ISL Port on Each VlanDisplaying a Vlan Port Summary Displaying a Summary of Vlan GroupsResetting Vlan Configuration to Defaults Configuring GvrpDisplaying a Vlan FID-VID Association Summary 15 Gvrp Configuration Menu Enabling and Disabling System Gvrp Enabling Gvrp on a Group of PortsDisabling Gvrp on a Group of Ports 16 Vlan Forbidden Set Configuration Menu Configuring Vlan Forbidden Sets17 Vlan Registration Fixed Set Configuration Menu Configuring Registration Fixed SetsMulticast Addresses Multicast Traffic ManagementMulticast Traffic Management IP Multicast Quality of Service RsvpIgmp Snooping Gmrp Garp Multicast Registration Protocol18 Multicast Traffic Management Menu Configuring Multicast Traffic ManagementDisplaying a Summary of Group Addresses Enabling and Multicast Poliocy-based Quality of ServiceEnabling and Disabling Gmrp Enabling and Disabling Igmp Snooping19 Summary of Group Addresses Multicast Forwarding Database ConfigurationAdding ports to the Selected Address Inserting a Multicast Group AddressRemoving a Multicast Group Address Advanced Management Web Browser Management Accessing with a Web BrowserWeb Browser Management Overview Front Panel Display Port Activity IndicatorManagement Buttons Front Panel ButtonPort Configuration and Statistics Port Selector FeatureGenl Info General Information Button Genl Info General Information ButtonStatistics Button Statistics Bar ChartStatistics Button Line chart of received frames for a port-7 the counters for a port are displayed in bar graph form Bar graph of counters for a port Port Configuration table Port Config Port Configuration ButtonSpan Tree Spanning Tree Button Span Tree Spanning Tree ButtonSnmp Button 10 Snmp ConfigurationAddr Address Table Button Addr Address Table ButtonVlan Button Port ConfigurationVlan Button Vlan ConfigurationCreating or Modifying a Vlan 14 Vlan Group Configuration optionsAdding and Deleting Port Members 16 Add/Delete Port Member dialog box Duplicate IP Button Duplicate IP ButtonWeb Browser Management Contacting Technical Support Technical SupportA-2 Readable Octets FCS ErrorsMIB Object Definitions for Counters Readable FramesAlignment Errors Frame Too LongsShort Events Runts CollisionsMIB Object Definitions for Counters Late Events Very Long Events MismatchesAuto Partitions Total Errors