Security Management

event. For information on configuring trap receivers, see “SNMP Configuration” in Chapter 3.

Security Management

The IntraCore 8000’s security management options are summarized in Table 4-2.

Security Option

Description

Action

 

 

 

Duplicated IP Detec-

Detects the use of a single IP

Detects and logs MAC

tion (Monitoring)

address by two stations.

addresses of both stations and

 

 

the ports they accessed.

 

 

 

Duplicated IP Trap

 

Sends trap with MAC

 

 

addresses of both stations and

 

 

the ports they accessed.

 

 

 

Station Movement Trap

Detects the movement of any

Sends trap with the station’s

 

end station from one port to

MAC address and IP address

 

another.

(if available) and the switch’s

 

 

port numbers.

 

 

 

Port New Node Trap

Detects the connection of any

Sends trap with the new

 

new device to the secured

node’s MAC address and IP

 

port.

address (if available) and the

 

 

port to which they are con-

 

 

nected.

 

 

 

Port Trusted MAC

Creates a set of port-trusted

None.

Address

MAC addresses for use by

 

 

other security measures.

 

 

 

 

Port Intruder Detection

Disallows traffic from MAC

Sends trap with intruder’s

Trap

addresses not belonging to

MAC address.

 

the port trusted MAC address

 

 

set. Station movement is also

 

 

disallowed.

 

 

 

 

Port Lock

Disallows traffic from MAC

Disables the port if an

 

addresses that do not belong

intruder is detected. Sends

 

to the port trusted MAC

trap with the port number, and

 

address set. Station move-

the intruder’s MAC address,

 

ment is also disallowed.

VLAN ID, and IP address (if

 

 

available).

 

 

 

Table 4-2 Security Management Options

Page 4-9

Page 99
Image 99
Asante Technologies 8000 user manual Security Management, Security Option Description Action