HP (Hewlett-Packard) 2626 (J4900A/B) Switch User Manual


 
9-23
Configuring and Monitoring Port Security
MAC Lockdown
The key points for this Model Topology are:
The Core Network is separated from the edge by the use of switches
which have been “locked down” for security.
All switches connected to the edge (outside users) each have only one
port they can use to connect to the Core Network and then to Server A.
Each switch has been configured with MAC Lockdown so that the
MAC Address for Server A has been locked down to one port per
switch that can connect to the Core and Server A.
Using this setup Server A can be moved around within the core network, and
yet MAC Lockdown will still prevent a user at the edge from hijacking its
address and stealing data.
Please note that in this scenario a user with bad intentions at the edge can still
“spoof” the address for Server A and send out data packets that look as though
they came from Server A. The good news is that because MAC Lockdown has
been used on the switches on the edge, any traffic that is sent back to Server
A will be sent to the proper MAC Address because MAC Lockdown has been
used. The switches at the edge will not send Server A’s data packets anywhere
but the port connected to Server A. (Data would not be allowed to go beyond
the edge switches.)
Caution Using MAC Lockdown still does not protect against a hijacker within the core!
In order to protect against someone spoofing the MAC Address for Server A
inside the Core Network, you would have to lock down each and every switch
inside the Core Network as well, not just on the edge.
Problems Using MAC Lockdown in Networks With Multiple Paths. Now
let’s take a look at a network topology in which the use of MAC Lockdown
presents a problem. In the next figure, Switch 1 (on the bottom-left) is located
at the edge of the network where there is a mixed audience that might contain
hackers or other malicious users. Switch 1 has two paths it could use to
connect to Server A. If you try to use MAC Lockdown here to make sure that
all data to Server A is “locked down” to one path, connectivity problems would
be the result since both paths need to be usable in case one of them fails.