Using Passwords, Port Security, and Authorized IP

Using Passwords, Port Security, and Authorized IP Managers To Protect Against Unauthorized Access

Configuring and Monitoring Port Security

Specifying Authorized Devices and Intrusion Responses. This exam- ple configures port 1 to automatically accept the first device (MAC address) it detects as the only authorized device for that port. (The default device limit is 1.) It also configures the port to send an alarm to a network management station and disable itself if an intruder is detected on the port.

SMC TigerSwitch 10/100(config)# port-security 1 learn- mode static action send-disable

The next example does the same as the preceding example, except that it specifies a MAC address of 0c0090-123456 as the authorized device instead of allowing the port to automatically assign the first device it detects as an authorized device.

SMC TigerSwitch 10/100(config)# port-security 1 learn- mode static mac-address 0c0090-123456 action send-disable

This example configures port 5 to:

Allow two MAC addresses, 00c100-7fec00 and 0060b0-889e00, as the authorized devices

Send an alarm to a management station if an intruder is detected on the port

SMC TigerSwitch 10/100(config)# port-security 5 learn- mode static address-limit 2 mac-address 00c100-7fec00 0060b0-889e00 action send-alarm

If you manually configure authorized devices (MAC addresses) and/or an alarm action on a port, those settings remain unless you either manually change them or the switch is reset to its factory-default configuration. You can “turn off” authorized devices on a port by configuring the port to continuous Learn Mode, but subsequently reconfiguring the port to static Learn Mode restores those authorized devices.

Adding an Authorized Device to a Port. To simply add a device (MAC address) to a port’s existing Authorized Addresses list, enter the port number with the mac-addressparameter and the device’s MAC address. This assumes that Learn Mode is set to static and the Authorized Addresses list is not full (as determined by the current Address Limit value). For example, suppose port 2 allows two authorized devices, but has only one device in its Authorized Address list:

7-16

Page 136
Image 136
SMC Networks SMC6624M manual Using Passwords, Port Security, and Authorized IP

SMC6624M specifications

SMC Networks SMC6624M is a robust and versatile managed switch designed to meet the needs of enterprises seeking reliable network solutions. This device features 24 Gigabit Ethernet ports that allow for high-speed data transfer, making it ideal for environments that demand high bandwidth. The SMC6624M is particularly suited for small to medium-sized businesses that require a powerful network backbone to support various applications, including voice, video, and data transmission.

One of the standout features of the SMC6624M is its Layer 2 and Layer 3 switching capabilities, enhancing the flexibility and efficiency of network management. The switch supports VLANs (Virtual Local Area Networks), which allow administrators to segment network traffic for improved security and performance. This capability is essential for organizations looking to optimize their network resources and apply policies that enhance security.

The SMC6624M also integrates advanced Quality of Service (QoS) features, enabling the prioritization of network traffic. This is particularly useful for applications such as VoIP and video conferencing, where maintaining low latency and jitter is crucial for ensuring a seamless user experience. Users can define traffic classes and manage bandwidth allocation, which helps in maintaining the quality of critical applications even during peak usage times.

In terms of connectivity and performance, the SMC6624M includes 4 Gigabit SFP ports, allowing for fiber optic connections to extend network reach and provide flexibility in deployment. The ability to take advantage of high-speed fiber connections means businesses can scale their networks as needed without significant infrastructure changes.

Management options for the SMC6624M are comprehensive. It supports SNMP (Simple Network Management Protocol) for monitoring and managing network performance effectively. Additionally, the switch can be configured using a web-based interface, command-line interface (CLI), or through SNMP, providing flexibility to network administrators with different preferences and expertise.

Furthermore, the SMC6624M is built with a fanless design, which ensures quiet operation and is energy efficient. Its compact form factor and sturdy build make it suitable for installation in various environments, including data centers and office settings.

Overall, the SMC Networks SMC6624M stands out for its combination of speed, flexibility, and management features, making it an excellent choice for businesses looking to enhance their network infrastructure. With a focus on reliability and performance, this managed switch promises to deliver the capabilities that today's modern networks demand.