Filter
Top Products
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE
FIGURE 55 – Show log and clear log command. The show log command indicates the type of log activity
in the S column
The log shows the most recent intrusion at the top of the listing. If the log is filled when the
switch detects a new intrusion, the oldest entry is dropped off the listing.
As discussed in the prior section, any port can be set to monitor security as well as make a
log on the intrusions that take place. The logs for the intrusions are stored on the switch.
When the switch detects an intrusion on a port, it sets an “alert flag” for that port and
makes the intrusion information available.
The default log size is 50 rows. To change the log size, use the
“set logsize” command.
When the switch detects an intrusion attempt on a port, it records the date and time
stamp, the MAC address, the port on which the access was attempted and the action taken
by MNS-6K software. The event log lists the most recently detected security violation
attempts. This provides a chronological entry of all intrusions attempted on a specific
port.
The event log records events as single-line entries listed in chronological order, and serves
as a tool for isolating problems. Each event log entry is composed of four fields
Severity – the level of severity (see below)
Date – date the event occurred on. See Chapter 3 on setting the date and time
on the
switch
Time – time the event occurred on. See Chapter 3 on setting the date and time on the
switch
Log Description – description of event as detected by the switch
Severity
is one of 8 severities described at the beginning of this section.
Authorized managers
Just as port security allows and disallows specific MAC addresses from accessing a network, the
MNS-6K software can allow or block specific IP addresses or a range of IP addresses to access
the switch. The command used for that is
Syntax access – access configuration mode
Syntax allow ip=<ipaddress> mask=<netmask> service=<name|list> - authorize
managers
Syntax deny ip=<ipaddress> mask=<netmask> service=<name|list> - deny access
to a specific IP address(s) or a subnet
73