Mac security, Mac security implementation in the c360 – Avaya C360 User Manual

Avaya C360 Layer 2 Features

132 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5

MAC Security

The MAC security function is intended to filter incoming frames (from the line) with an
unauthorized source MAC address (SA).

MAC Security Implementation in the C360

When a frame is received on a secured port, its source MAC address is checked against the
secured MAC Address Table. If either the source MAC address is not found there, or it is found
but with a different ingress port location, then the frame is rejected

The C360 can be configured to take one of the following actions when an attempted intrusion
occurs:

●

Drop – Drops the packets for five seconds.

●

Drop and notify – Drops the packets for five seconds and sends a notification to the
management station.

●

Disable and notify – Permanently disables the packets and sends a notification to the
management station.

When the C360 is configured to send traps to report attempted intrusion, to prevent the flooding
of the Console's trap log / network, the Agent sends an intruder alert every five seconds for the
first 3 times a specific intruder is detected on a port, and then every 15 minutes if the intrusion
continues.

You should first enable the MAC security global mode (use the set security mode CLI
command) and then configure the ports which should be secured (use the set port
security CLI

command). When setting a port to secured, the MAC addresses that a

Set the port as an RSTP edge
port or non-edge port

set port edge admin state

Set the port point-to-point admin
status

set port point-to-point admin
status

Show the port's point-to-point
admin and operational RSTP
status

show port point-to-point status

In order to...

Use the following
command...

2 of 2