Configuring Security Features 4 - 7
Security Mode is automatically enabled when you issue the SET SECURITY
PORT SECURITY_TYPE command.
Security Type is automatically configured to Full (which includes both
Eavesdropping and Intrusion security) when you issue the SET SECURITY
PORT MODE ENABLE command.
Note: Security mode must be disabled in order for the EMM to
Autolearn MAC addresses for ports that have Security Type
configured for Intrusion_only or Full. If Security Mode is not
disabled for each port that is configured for Intrusion
Security:
– MAC addresses are not Autolearned
– The ports report an intrusion
Defining Port Action on Intrusion
An additional feature of Intrusion Detection provides you with the ability to
define on a per-port basis the corrective action a management module is to
take when a Security Module port experiences a security intrusion attempt.
Each option provides Intrusion Detection and data collision on the intruding
packet. You may elect to have the management module perform one of
the following actions:
❑ Disable the port and send a trap (disable_and_trap)
❑ Only disable the port (disable_only)
❑ No management action (no_action)
❑ Only send a trap to stations defined in the management module's
community table (trap_only)
Issue the following command to define disable_and_trap as the corrective
action a management module will take upon a security Intrusion attempt
for all ports on the module in slot 3.