Managing Device Security
400
ProSafe M5300 Switch
To configure the global port security mode:
1. In the Port Security Mode field, select the appropriate radio button to enable or disable
port security on the switch.
2. Click APPLY to update the switch with the change.
3. Click CANCEL to abandon the change.
The Port Security Violation table shows information about violations that occurred on ports
that are enabled for port security. The following table describes the fields in the Port Security
Violation table.
Field Description
Port Displays the physical interface for which you want to display data.
Last Violation MAC Displays the source MAC address of the last packet that was discarded at a
locked port.
VLAN ID Displays the VLAN ID corresponding to the Last Violation MAC address.
Port Security Interface Configuration
A MAC address can be defined as allowable by one of two methods: dynamically or statically.
Both methods are used concurrently when a port is locked.
Dynamic locking implements a first arrival mechanism for Port Security. You specify how
many addresses can be learned on the locked port. If the limit has not been reached, then a
packet with an unknown source MAC address is learned and forwarded normally. When the
limit is reached, no more addresses are learned on the port. Any packets with source MAC
addresses that were not already learned are discarded. You can effectively disable dynamic
locking by setting the number of allowable dynamic entries to zero.
Static locking allows you to specify a list of MAC addresses that are allowed on a port. The
behavior of packets is the same as for dynamic locking: only packets with an allowable
source MAC address can be forwarded.
To display the Port Security Interface Configuration page, click Security
Traffic Control>
Port Security
Interface Configuration.