Configuring and Monitoring Port Security

Operating Notes for Port Security

Operating Notes for Port Security

Identifying the IP Address of an Intruder. The Intrusion Log lists detected intruders by MAC address. If you are using ProCurve Manager to manage your network, you can use the device properties page to link MAC addresses to their corresponding IP addresses.

Proxy Web Servers. If you are using the switch’s web browser interface through a switch port configured for Static port security, and your browser access is through a proxy web server, then it is necessary to do the following:

Enter your PC or workstation MAC address in the port’s Authorized Addresses list.

Enter your PC or workstation’s IP address in the switch’s IP Authorized Managers list. See “Using Authorized IP Managers” in the Management and Configuration Guide for your switch.)

Without both of the above configured, the switch detects only the proxy server’s MAC address, and not your PC or workstation MAC address, and interprets your connection as unauthorized.

“Prior To” Entries in the Intrusion Log. If you reset the switch (using the Reset button, Device Reset, or Reboot Switch), the Intrusion Log will list the time of all currently logged intrusions as “prior to” the time of the reset.

Alert Flag Status for Entries Forced Off of the Intrusion Log. If the Intrusion Log is full of entries for which the alert flags have not been reset, a new intrusion will cause the oldest entry to drop off the list, but will not change the alert flag status for the port referenced in the dropped entry. This means that, even if an entry is forced off of the Intrusion Log, no new intrusions can be logged on the port referenced in that entry until you reset the alert flags.

LACP Not Available on Ports Configured for Port Security. To maintain security, LACP is not allowed on ports configured for port security. If you configure port security on a port on which LACP (active or passive) is configured, the switch removes the LACP configuration, displays a notice that LACP is disabled on the port(s), and enables port security on that port. For example:

11-38