HP (Hewlett-Packard) 2600 Switch User Manual


 
Configuring and Monitoring Port Security
Operating Notes for Port Security
a. Click on the Security tab.
b. Click on
[Intrusion Log]. “Ports with Intrusion Flag” indicates any ports
for which the alert flag has not been cleared.
c. To clear the current alert flags, click on
[Reset Alert Flags].
To access the web-based Help provided for the switch, click on
[?] in the web
browser screen.
Operating Notes for Port Security
Identifying the IP Address of an Intruder. The Intrusion Log lists
detected intruders by MAC address. Proxy Web Servers
If you are using the switch’s web browser interface through a switch port
configured for Static port security, and your browser access is through a proxy
web server, then it is necessary to do the following:
Enter your PC or workstation MAC address in the port’s Authorized
Addresses list.
Enter your PC or workstation’s IP address in the switch’s IP Autho-
rized Managers list. See chapter 11, “Using Authorized IP Managers”.)
Without both of the above configured, the switch detects only the proxy
server’s MAC address, and not your PC or workstation MAC address, and
interprets your connection as unauthorized.
“Prior To” Entries in the Intrusion Log. If you reset the switch (using the
Reset button, Device Reset, or Reboot Switch), the Intrusion Log will list the
time of all currently logged intrusions as “prior to” the time of the reset.
Alert Flag Status for Entries Forced Off of the Intrusion Log. If the
Intrusion Log is full of entries for which the alert flags have not been reset, a
new intrusion will cause the oldest entry to drop off the list, but will not change
the alert flag status for the port referenced in the dropped entry. This means
that, even if an entry is forced off of the Intrusion Log, no new intrusions can
be logged on the port referenced in that entry until you reset the alert flags.
9-36