Security
Configuring Port Security
Cisco Small Business 200 Series Smart Switch Administration Guide 262
17
• Storm Control Rate Threshold—Enter the maximum rate at which unknown
packets can be forwarded. The default for this threshold is 10,000 for FE
devices and 100,000 for GE devices.
• Storm Control Mode—Select one of the modes:
- Unknown Unicast, Multicast & Broadcast—Counts unknown Unicast,
Broadcast, and Multicast traffic towards the bandwidth threshold.
- Multicast & Broadcast—Counts Broadcast and Multicast traffic towards
the bandwidth threshold.
- Broadcast Only—Counts only Broadcast traffic towards the bandwidth
threshold.
STEP 4 Click Apply. Storm control is modified, and the Running Configuration file is
updated.
Configuring Port Security
Network security can be increased by limiting access on a port to users with
specific MAC addresses. The MAC addresses can be either dynamically learned
or statically configured.
Port security monitors received and learned packets. Access to locked ports is
limited to users with specific MAC addresses.
Port Security has four modes:
• Classic Lock—All learned MAC addresses on the port are locked, and the
port does not learn any new MAC addresses. The learned addresses are
not subject to aging or re-learning.
• Limited Dynamic Lock—The device learns MAC addresses up to the
configured limit of allowed addresses. After the limit is reached, the device
does not learn additional addresses. In this mode, the addresses are
subject to aging and re-learning.
• Secure Permanent—Keeps the current dynamic MAC addresses
associated with the port and learns up to the maximum number of
addresses allowed on the port (set by Max No. of Addresses Allowed).
Relearning and aging are disabled.