User’s Manual of
4.13Port Security (To be Continued)
Port security is a feature that allows you to configure a switch port with one or more device MAC addresses that are authorized to access the network through that port.
When port security is enabled on a port, the Managed Switch stops learning new MAC addresses on the specified port when it has reached a configured maximum number. Only incoming traffic with source addresses already stored in the dynamic or static address table will be authorized to access the network through that port. If a device with an unauthorized MAC address attempts to use the switch port, the intrusion will be detected and the switch can automatically take action by disabling the port and sending a trap message.
<source MAC address, VLAN> pair for frames received on the port.
Note that you can also manually add secure addresses to the port using the Static Address Table. The selected port will stop learning. The MAC addresses already in the address table will be retained and will not age out. Any other device that attempts to use the port will be prevented from accessing the switch.
MAC Table Learning
Figure 4-13-1 Port Security Settings screenshot
The page includes the following fields:
|
|
|
Object | Description | |
• | Auto | Learning is done automatically as soon as a frame with unknown SMAC is |
|
| received. |
|
|
|
• | Disable | No learning is done. |
|
|
|
• | Secure | Only static MAC entries are learned, all other frames are dropped. |
|
|
|
|
|
|
185