Port security commands, Port security commands -2, Table 23-1 client security commands -2 – SMC Networks TigerAccess SMC7816M User Manual
Page 590
C
LIENT
S
ECURITY
C
OMMANDS
23-2
Port Security Commands
These commands can be used to enable port security on a port. When
using port security, the switch stops learning new MAC addresses on the
specified port when it has reached a configured maximum number. Only
incoming traffic with source addresses already stored in the dynamic or
static address table for this port will be authorized to access the network.
The port will drop any incoming frames with a source MAC address that is
unknown or has been previously learned from another port. If a device
with an unauthorized MAC address attempts to use the switch port, the
intrusion will be detected and the switch can automatically take action by
disabling the port and sending a trap message.
Table 23-1 Client Security Commands
Command Group
Function
Page
Private VLANs
Configures private VLANs, including uplink and
downlink ports
Port Authentication Configures host authentication on specific ports
using 802.1X
Port Security
*
Configures secure addresses for a port
Packet Filtering
Filters packets with specified IP/MAC addresses,
NetBIOS packets, and DHCP requests or replies
IP Source Guard
Filters IP traffic on unsecure ports for which the
source address cannot be identified via DHCP
snooping nor static source bindings
DHCP Snooping
Filters untrusted DHCP messages on unsecure ports
by building and maintaining a DHCP snooping
binding table
*
The priority of execution for these filtering commands is Port Security, Packet
Filtering, IP Source Guard, and then DHCP Snooping.