Configuring security, Configuring security -6 – Cabletron Systems EMM-E6 User Manual
Page 92
Security
7-6
Configuring Security
Configurable violation response
You can still choose to allow ports to remain enabled even after an unsecured
address has attempted to access a locked port. If you choose not to disable a port
which has experienced a violation, however, the port’s only response to an
intruder will be to issue a trap after the first violation; all packets, regardless of
source address, will be allowed to pass.
Forced non-secure status
With the enhanced version of
LANVIEW
SECURE
, even ports on non-
LANVIEW
SECURE
MIMS can be forced to an unsecurable status (as long as they
are currently unlocked).
Learned addresses reset
You can still use the Reset Learned Addresses option in the repeater-, board-, or
port-level Security window to clear all learned and secured addresses out of the
selected port(s) address table, and allow that port to begin learning (and securing)
new addresses. Note that you cannot reset learned addresses on a locked port or
on a port which is designated unsecurable.
Eavesdrop protection (scrambling), trunk port locking, continuous lock mode,
and the floating address cache are not available for non-
LANVIEW
SECURE
MIMs
(A-channel MIMs and non-
LANVIEW
SECURE
RIC MIMs) or for any
LANVIEW
SECURE
TPXMIM ports configured to operate on Channel A.
Configuring Security
Most Security parameters are set via the port-level Security window; these will
apply to the configured port regardless of the level at which security is enabled.
To access the Port Security window:
1.
In the Repeater Security window, click to select the interface for which you
would like to configure port-level security.
2.
Click mouse button 1 on
; the Channel X Port Security window,