Configuring and Monitoring Port Security

Basic Operation

General Operation for Port Security. On a per-port basis, you can configure security measures to block unauthorized devices, and to send notice of security violations. Once you have configured port security, you can then monitor the network for security violations through one or more of the following:

Alert flags that are captured by network management tools such as HP TopTools for Hubs & Switches

Alert Log entries in the switch’s web browser interface

Event Log entries in the console interface

Intrusion Log entries in either the menu interface, CLI, or web browser interface

For any port, you can configure the following:

Authorized (MAC) Addresses: Specify up to eight devices (MAC addresses) that are allowed to send inbound traffic through the port. This feature:

Closes the port to inbound traffic from any unauthorized devices that are connected to the port.

Provides the option for sending an SNMP trap notifying of an attempted security violation to a network management station

and, optionally, disables the port. (For more on configuring the switch for SNMP management, see “Trap Receivers and Authen- tication Traps” in the Management and Configuration Guide for your switch.)

Blocking Unauthorized Traffic

Unless you configure the switch to disable a port on which a security violation is detected, the switch security measures block unauthorized traffic without disabling the port. This implementation enables you to apply the security configuration to ports on which hubs, switches, or other devices are connected, and to maintain security while also maintaining network access to authorized users. For example:

7-3

Page 185
Image 185
HP 4100gl manual Blocking Unauthorized Traffic