Security Information

Security Information

How Intruder Prevention Works

How Intruder Prevention Works

Intruder Prevention stops an unauthorized computer (or other device) from actively gaining access to the network. When a port is configured for Intruder Prevention, the hub examines the source address of each packet coming in through that port and compares it with the authorized MAC address. If the addresses are not the same, the hub concludes that an intruder is attempting to gain access to the network and takes the appropriate action (as configured): either disabling the port, sending an alarm to the network management station, or both. See “Setting Inbound Security with Intruder Prevention” later in this appendix.

How Eavesdrop Prevention Works

Eavesdrop Prevention stops a computer (or other device) from seeing network traffic that is not intended for that port. When Eavesdrop Prevention is configured on a port, the hub compares the port’s authorized MAC address with the destination address of any outbound packet. If the addresses match, the hub concludes that the packet is destined for the computer attached to the port, and it sends the packet out through the port unaltered. However, if the addresses do not match, the hub prevents the computer from seeing the packet’s contents by substituting a meaningless string of 1’s and 0’s. Note that broadcast and multicast packets are repeated to all the ports, even when Eavesdrop Prevention is activated. See “Setting Outbound Security with Eavesdrop Prevention” later in this appendix.

Authorized MAC address

To provide data security on a hub port, a single, unique MAC address must be configured as the authorized MAC address for each port. You can configure the authorized MAC address either by assigning it or by designating the port to learn it automatically. This configuration is performed with the Secure command from the hub’s console. See the Secure command description in the chapter on Managing the Hub.

F-2

Page 78
Image 78
HP J3188A How Intruder Prevention Works, How Eavesdrop Prevention Works, Authorized MAC address, Security Information