Manuals / ZyXEL Communications / Computer Equipment / Switch

ZyXEL Communications ES-2048, ES-2024PWR Switching security MAC freeze, Enable MAC Freeze Example

Models: ES-2048 ES-2024A ES-2024PWR

1 88
Download 88 pages 59.92 Kb
Page 60
Image 60

ES-2000 Series Switch Support Notes

Switching security

MAC freeze

As an added protection against network intrusion attacks, ZyXEL has implemented the MAC Freeze feature on all ZyXEL Management Switches with firmware version 3.6 or above. Security has been the focus of our Ethernet switch design.

With the MAC freeze feature enabled, dynamic MAC addresses on specified ports are stored in the static MAC address table. At the same time, MAC address learning is disabled on these ports thus denying network access for computers within unknown MAC addresses.

Without the MAC freeze function, any computer can access the network through a switch port. The port automatically learns the computer’s MAC address and stores that to the MAC address table.

Activate the MAC freeze function on a port by entering the port-security [port number] MAC-freezecommand in the CLI.

The following figure shows an example where the MAC freeze feature is enabled on port 6. The switch automatically copies all dynamically learnt MAC address on port 6 to the static MAC address.

Figure 1: Enable MAC Freeze Example

60

All contents copyright (c) 2006 ZyXEL Communications Corporation.

Page 59 Page 61
Page 60
Image 60
ZyXEL Communications ES-2048, ES-2024PWR, ES-2024A manual Switching security MAC freeze, Enable MAC Freeze Example
Page 59 Page 61