Port Level Security Configuration Screen

Security State (Selectable)

Used to select the state of security for frames received by a specific port on the connector. The states are as follows:

PortMismatch – Indicates that not all ports on the connector are set to the same state.

NonSecure – Allows the ports on the connector to receive all frames. The source address of received frames is not examined and the frames are processed in a non secure state.

LockOnNext – The next frame received by each port is examined to learn its source address. As the source address of a frame is learned on a port, only those frames received with that same source address are processed on that port. Any other address detected is considered as an intruder and the device executes the actions selected in the Action On Intruder field.

LockedOnAddr – The source address of the last frame received (or the source address entered in the Port Level Security Configuration screen, if one is entered) is used for security purposes. Once a secure address is defined on a port, only those frames received with that same source address are processed on that port. Any other frame detected with a different address is considered as an intruder, causing the device to execute the actions selected in the Action On Intruder field.

Action On Intruder (Toggle)

Used to select the actions taken for the selected security state. There are two fields to select the actions. Both toggle to activate or deactivate the action.

DisablePort/NoDisable – DisablePort causes the switch to turn off the port that had a security violation. With NoDisable set, the port is not turned off.

SendTrap/NoTrap – SendTrap causes the switch to send an SNMP trap when a port detects a security violation. With NoTrap set, no SNMP trap is sent.

2H23-50R/2H33-37R User’s Guide

5-77

Page 127
Image 127
Cabletron Systems 2H23-50R, 2H33-37R manual Security State Selectable