Filter
Top Products
F-5
Security Information
Setting Inbound Security with Intruder Prevention
Security Information
Auto Port Disable
Any port may be configured to be disabled automatically when an intruder’s
MAC address is detected. This feature is automatically controlled by your
selection of the Authorized Address Selection Method for the port: If the
address used is the “first heard” or an “assigned” address, the port will be
disabled automatically when an intruder is detected. If the address is “learned
continuously”, the port will not be automatically disabled.
Note Auto port disable may not be used on cascaded ports, ports connected to a
network with multiple end users, or ports configured to learn the authorized
MAC address continuously.
The auto port disable feature compares the authorized MAC address of the
port to the source address of the packet inbound to the hub at that port. If the
authorized address and the source address do not match, the HP hub will
automatically disable the port.
Once a port is disabled because of a security violation, to resume operation,
the port must be re-enabled either by using the hub console interface’s Port
command, or from the network management station.
A bit error in the source address field of the packet will not cause the port
to be disabled. In this case, the hub detects a CRC error for the packet and
does not consider it as a security violation.
Send Alarm
Any port may be configured to send an alarm (trap notification) to the network
management station when an unauthorized MAC address or a new MAC
address is detected on a secure port.
To use the “send alarm” feature, you must authorize at least one network
management station to receive the trap notifications by entering the IP or IPX
address of the network management station in the authorized managers list.
Use the Managers command from the hub’s console to configure these
addresses. See chapter 3, “Managing the Hub” for more information on this
command.
MUCHO.BK : CF.FM5 Page 5 Thursday, June 26, 1997 11:37 AM