Filter
Top Products
6-119
Configuring the Switch
Configuring and Monitoring Port Security
Configuring the Switch
■ Prevent Eavesdropping: Block outbound traffic with unknown
destination addresses from exiting through the port. This prevents an
unauthorized device on the port from eavesdropping on the flooded
unicast traffic intended for other devices.
Note The switch security measures block unauthorized traffic without disabling the
port. This implementation enables you to apply the security configuration to
ports on which hubs or other switches are connected, and to maintain security
while also maintaining network access to authorized users.
Configuring Port Security
Planning
1. Plan your port security configuration and monitoring according to the
following:
a. On which ports do you want to configure intruder security?
b. Which devices (MAC addresses) are authorized on each port (up to 8
per port)?
c. For each port, what security actions do you want? You can do one or
both of the following:
– Block intruders from transmitting to the network
– Prevent intruders from eavesdropping on network traffic
d. How do you want to learn of the security violation attempts the switch
detects? You can use one or more of these methods:
– Through network management (That is, do you want an SNMP
trap sent to a net management station when a port detects a
security violation attempt?)
– Through the switch’s web browser interface (Alert Log and Intru-
sion Log)
– Through the Event Log and the Intrusion Log in the switch
console interface
2. Use the web browser interface and/or the switch console to configure port
security. The following table describes the parameters.