Filter
Top Products
Security
7-8 Configuring Security
2. In the On Violation field, click to select disable if you want the port or ports to
be disabled if any unauthorized source address is detected, or select
noDisable if you wish the port to remain operational after a violation. Note
that selecting the noDisable option effectively removes intruder protection
from the selected ports: a trap will be sent after the first violation, but all
packets, regardless of source address, will be allowed to pass. Ports in this
state still have active eavesdropper protection.
3. The Security Level field allows you to select which packets not addressed to
the selected ports will be scrambled: click to select partial if you wish to
scramble the data portion of all packets
except
broadcasts and multicasts;
select full if you wish to scramble broadcasts and multicasts as well. Note that
scrambling can only be applied to
LANVIEW
SECURE MIMs operating on
channels B or C; this field will be grayed out if one or more non-
LANVIEW
SECURE MIM ports has been selected in the list box.
4. Use the Force NonSecure field to designate which ports should be securable
(that is, lockable) and which should be unsecurable. By definition, any
LANVIEW
SECURE port with more than 35 addresses in its source address
table (or exactly 35 for two consecutive aging times) is unsecurable, as are
any non-
LANVIEW
SECURE ports with more than 3 addresses (or exactly 3 for
two consecutive aging times). Unsecurable ports — whether forced or natural
— cannot be locked, and will be designated in the list box as Unsecurable.
5. Click on to save your changes; the new Security Level and
violation response settings will be displayed in the list box.
To assign secure addresses to a port:
1. Click to select a single port in the list box; the button will be
activated.
2. Click on ; the Addresses window, Figure 7-3, will appear.
NOTE
Any ports which are disabled in response to a violation will remain disabled even after the
EMM-E6 has been reset, and must be re-enabled manually. See Enabling /Disabling
MIM Ports in Chapter 2 for more information.
NOTE
You cannot force a port to Unsecurable status if it is already locked.