Cabletron Systems SPECTRUM TRMMIM User Manual
Page 107
Launching the Security Configuration Window
6-5
Ring Security Configuration
Vendor
This field, visible in both list boxes, displays the vendor associated with each list
entry, as determined by the first three bytes in its MAC address.
Security Mode Options
The Security Mode options at the top of the Security Config window display the
current security configuration, and allow you to reconfigure security. When you
select the Warn mode, that level of security will immediately be set at the device;
when you select the Warn and Remove mode, you will be asked to confirm your
selection.
Disable Security
If this option is selected, no security is set at the device. Any station can attempt to
enter the ring without security action being taken. Security is disabled by default.
Enable Security
If Enable Security is selected, one of two Security Mode options is in effect; these
modes determine what action will be taken when an unknown MAC address (i.e.,
one not in the Allowed List) is detected trying to enter the ring. The two Security
Mode options are:
Warn
In Warn mode, new stations can enter the ring, but a
“Station Added” trap will be sent to the network
management station in response. This trap message is
only sent once, and it includes the new station’s MAC
address. Because new stations can still be added to the
Allowed List in Warn Mode, you can use this mode to
allow new users to enter the ring; while in Warn mode,
the TRMMIM automatically enters the MAC address of
each inserted station on the ring in the Allowed List. This
saves you from entering MAC addresses one at time
using the Add button.
Warn and Remove
This is the highest level of ring security, which will lock
the ring to new stations. While in the Warn and Remove
mode, the TRMMIM sends a “Remove MAC Frame”
command to any unauthorized station attempting to
enter the ring, and a trap to your management station
informing it of the action taken. The TRMMIM will try
three times to remove an unauthorized station from the
ring; if after three attempts the station cannot be
removed, a trap will be sent to the management station
informing it that the station could not be removed.