System information
Configuring and Monitoring Port Security
Overview
Overview
Feature Default Menu CLI Web
Displaying Current Port Security n/a — page 10-7 page 10-31
Configuring Port Security disabled — page 10-10 page 10-31
Retention of Static Addresses n/a — page 10-15 n/a
MAC Lockdown disabled — page 10-20
MAC Lockout disabled — page 10-28
Intrusion Alerts and Alert Flags n/a page 10-37 page 10-35 page 10-38
Port Security (Page 10-3). This feature enables you to configure each
switch port with a unique list of the MAC addresses of devices that are
authorized to access the network through that port. This enables individual
ports to detect, prevent, and log attempts by unauthorized devices to commu-
nicate through the switch.
Note This feature does not prevent intruders from receiving broadcast and multi-
cast traffic. Also, Port Security and MAC Lockdown are mutually exclusive on
a switch. If one is enabled, then the other cannot be used.
MAC Lockdown (Page 10-20). This feature, also known as “Static
Addressing”, is used to prevent station movement and MAC address “hijack-
ing” by allowing a given MAC address to use only an assigned port on the
switch. MAC Lockdown also restricts the client device to a specific VLAN.
(See also the Note, above.)
MAC Lockout (Page 10-28). This feature enables you to block a specific
MAC address so that the switch drops all traffic to or from the specified
address.
10-2