Filter
Top Products
SET SECURITY_ADVANCED PORT INTRUDER_CHECKING
2-251
SET
SECURITY_ADVANCED
PORT
INTRUDER_CHECKING
Use the SET SECURITY_ADVANCED PORT INTRUDER_CHECKING command to
enable intruder checking on ports in an Ethernet network that has an Ethernet
Private Line Card assigned to it.
When you enable per-port intruder checking, the Ethernet Private Line Card
compares each packet’s source MAC address against an established list of valid
MAC addresses in the security address table. If the source address of the port
does not match an address in the security table, the packet is treated as an
intruder.
You must have the source address checking network parameter enabled to look
up the source address of a transmitted packet. To look up the source port
number, you must have the source port checking network parameter enabled. If
both of these network parameters are enabled, both the source address and
related source port number must match a port number and MAC address in the
security address table, or the packet is treated as an intruder.
Format
Example
The following command enables intruder checking on port 5.1:
CB5000> set security_advanced port 5.1 intruder_checking enable
Port 05.01 intruder_checking set to ENABLED.
Related Command
SHOW SECURITY_ADVANCED
set security_advanced port
slot.port
disable
enable
intruder_checking
slot.
all
slot.port Identifies the port for this operation.
slot (1 through 17) is the slot number location of a module in the hub
and port
(1 through 40) is the port number on the specified module.
For example, to identify port 4 on the module in slot 6, enter
6.4
slot.
all
Specifies all ports on a module. slot
is the slot number of the module.
disable
Disables intruder checking.
enable
Enables intruder checking.