17

Port Security

This chapter shows you how to set up port security.

17.1 Port Security Overview

Port security allows only packets with dynamically learned MAC addresses and/or configured static MAC addresses to pass through a port on the Switch. See Chapter 9 on page 91 for information on configuring static MAC address forwarding.

For maximum port security, enable this feature, disable MAC address learning and configure static MAC address(es) for a port. By default, MAC address learning is still enabled even though the port security is not activated.

Functionally the Switch allows for three possible outcomes with port security. You can configure the ports to:

Forward all packets and learn all MAC addresses.

Drop all packets from unknown MAC addresses and do not learn MAC addresses.

Drop all packets from unknown MAC addresses and learn a limited number of MAC addresses.

"The Switch supports five possible configurations for port security. See Section 17.3 on page 127 for supported configurations and an example.

17.2Port Security Setup

Click Advanced Application > Port Security in the navigation panel to display the screen as shown.

 

125

ES-2024 Series User’s Guide