19 Configuring Port and System Security
This chapter describes how to configure port-based and system security
features, which control access to the network through the switch ports, and
the denial of service (DoS) feature.
The topics covered in this chapter include:
• Port-based Security—IEEE 802.1X and Port MAC Locking
• Captive Portal
• Authentication Manager
• Denial of Service
Port-based Security—IEEE 802.1X and Port MAC Locking
Port-based security includes IEEE 802.1X authentication and port MAC
locking.
• IEEE 802.1X provides an authentication mechanism for devices connected
to the switch. Network access is permitted only to authorized devices
(clients).
• Port MAC locking enables security on a per-port basis. When a port is
locked, only packets with allowable source MAC addresses are forwarded;
all other packets are discarded. Port MAC locking also lets you configure
a limit on the number of source MAC addresses that can be learned on a
port.
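The forwarding decision on a locked port can be modeled in a few lines. The following Python sketch is an added illustration, not code from this guide or from the switch firmware; the class and field names, the administrator-entered static list, and the violation counter are assumptions made for the example, and the sample frames are constructed.

```python
from dataclasses import dataclass, field

def norm(mac: str) -> str:
    """Canonicalise a MAC so 'AA-BB-..', 'aabb.cc..' and 'aa:bb:..' compare equal."""
    digits = mac.lower().replace("-", "").replace(":", "").replace(".", "")
    if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

@dataclass
class LockedPort:
    learn_limit: int                                  # configurable cap on learned source MACs
    static: set = field(default_factory=set)          # assumption: administrator-entered addresses
    learned: list = field(default_factory=list)       # addresses learned from traffic, in order
    violations: dict = field(default_factory=dict)    # discarded source MAC -> frame count

    def __post_init__(self):
        self.static = {norm(m) for m in self.static}

    def receive(self, src_mac: str) -> bool:
        """Return True if the frame is forwarded, False if it is discarded."""
        mac = norm(src_mac)
        if mac in self.static or mac in self.learned:
            return True                               # already an allowable source
        if len(self.learned) < self.learn_limit:
            self.learned.append(mac)                  # room left: learn and forward
            return True
        # Limit reached: discard and count, so repeated offenders stand out.
        self.violations[mac] = self.violations.get(mac, 0) + 1
        return False

def replay(port: LockedPort, frames) -> list:
    """Feed source MACs through the port and return the per-frame decisions."""
    return [port.receive(src) for src in frames]

# Constructed sample traffic (source MAC of each received frame).
SAMPLE_FRAMES = [
    "00:11:22:33:44:55",  # statically allowed device
    "AA-BB-CC-00-00-01",  # first learned address
    "aa:bb:cc:00:00:02",  # second learned address, limit now reached
    "aa:bb:cc:00:00:03",  # unknown source, discarded
    "aa:bb:cc:00:00:01",  # already learned, forwarded
    "AABB.CC00.0003",     # same unknown source again, discarded
]

if __name__ == "__main__":
    port = LockedPort(learn_limit=2, static={"00:11:22:33:44:55"})
    for src, ok in zip(SAMPLE_FRAMES, replay(port, SAMPLE_FRAMES)):
        print(f"{src:20} {'forward' if ok else 'discard'}")
    print("violations:", port.violations)
```

The violation counter shows why the learn limit matters operationally: a port that keeps presenting new source addresses after the limit is reached is visible as a growing discard count rather than as a growing address table.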
NOTE: Port-based security can also be accomplished by using Access Control
Lists (ACLs). For information about configuring ACLs, see "Configuring Access
Control Lists" on page 583.