Managing the Hub

Console Command Reference

Security and port LEDs flash, the intruder’s MAC address is displayed on the console Status command screen, and an alarm is sent to the authorized network management station(s).

Use the First Address Heardprovides medium port security. The hub learns the address of the first device attached to the port and makes it the authorized MAC address. If you have any security configured for the port (Send Alarm and/or Eavesdrop Prevention parameters are set to YES), when a different device is later attached to the port, the new address is registered as an “intruder address”; a security violation has occurred. In that case, the port is automatically disabled, and the Security and affected port LEDs flash. An alarm is also sent to the authorized network management station(s) if the Send Alarm parameter is set to YES.

Assign an Addressprovides the highest security. You enter the address of the device that is authorized to be attached to the port. If you have any security configured for the port (Send Alarm and/or Eavesdrop Prevention parameters are set to YES), when a different device is later attached to the port, the new address is registered as an “intruder address”; a security violation has occurred. In that case, the port is automatically disabled, and the Security and affected port LEDs flash. An alarm is also sent to the authorized network management station(s) if the Send Alarm parameter is set to YES.

Port Security Offdisables port security. This is a convenient way to remove the port security. It automatically sets the Send Alarm and Eaves- drop Prevention parameters to OFF (and therefore, the Disable Port parameter will also be OFF).

Send Alarm when intruder detected. Configures the hub to send an alarm (SNMP trap) to a network management station whenever an unauthorized address (an intruder) is detected on the port. Note that for the alarm to actually be sent, you must have first used the Managers command to configure one or more network managers to receive alarms. See the Managers command description earlier in this chapter.

Eavesdrop prevention. Configures the hub to prevent the port from hearing data that is intended for another port. Only the data packets that have a destination address that matches the port’s authorized address are sent to the port. If Eavesdrop Prevention is not enabled on all ports, the hub functions like a repeater and every packet seen by the hub is forwarded to the non- Eavesdrop Prevention ports. See Appendix F, “Security Information,” for a detailed description of this feature.

Managing the Hub

3-15

Page 44 Page 46
Page 45
Image 45
HP J3188A manual Managing the Hub
Page 44 Page 46
Top Page Image Contents