Allied Telesis AT-S63 User Manual
Page 393
AT-S63 Management Software Web Browser Interface User’s Guide
Section VI: Port Security
393
4. From the Security Mode pull-down menu, select the desired port
security level for the port. Options are:
Automatic
Disables port security on a port. This is the default setting.
Limited
Allows you to specify a maximum number of dynamic source MAC
addresses a port can learn. Once a port has learned its maximum
number, it will not learn any new addresses and will only accept frames
from the source nodes of the learned addresses.
A dynamic MAC address learned on a port operating in the Limited
security mode never times out from the MAC address table, even
when the corresponding end node is inactive.
You can add static addresses to a port running this security level. Static
addresses are not included in the count of the maximum number of
dynamic addresses.
Secured
Instructs a port to forward frames using only static MAC address. The
port will not learn any dynamic MAC addresses and will delete any
dynamic addressees that it has already learned. Only those end nodes
whose MAC addresses are entered as static addresses can forward
frames through the port.
Locked
Instructs a port to immediately stop learning new dynamic MAC
addresses. Frames are forwarded using the dynamic MAC addresses
that the port has already learned and any static MAC addresses
assigned to the port.
Dynamic MAC addresses learned by the port prior to the activation of
this security level never time out from the MAC address table, even
when the corresponding end nodes are inactive. However, the port will
not learn any new dynamic addresses.
You can continue to add new static MAC addresses to a port operating
under this security level.
5. If you select the Limited security level, additional options are displayed
in the window for you to configure. They are defined here:
Intrusion Action
Specifies what the switch should do if a port receives an invalid frame.
Options are
Discard - Discards the invalid frame.
Trap - Discards the invalid frame and sends an SNMP trap.
Discard - Discards the invalid frame, sends an SNMP trap, and
disables the port.