3 authorized managers, Uthorized, Anagers – GE ML1600 User Manual

6–10

MULTILINK ML1600 ETHERNET COMMUNICATIONS SWITCH – INSTRUCTION MANUAL

CONFIGURING PORT SECURITY THROUGH THE COMMAND LINE INTERFACE

CHAPTER 6: ACCESS CONSIDERATIONS

The default log size is 50 rows. To change the log size, use the

set logsize

command.

When the switch detects an intrusion attempt on a port, it records the date and time
stamp, the MAC address, the port on which the access was attempted and the action
taken by ML1600 software. The event log lists the most recently detected security violation
attempts. This provides a chronological entry of all intrusions attempted on a specific port.

The event log records events as single-line entries listed in chronological order, and serves
as a tool for isolating problems. Each event log entry is composed of four fields

• Severity - the level of severity (see below).
• Date - date the event occurred on. See Date and Time on page 5–9 for information

on setting the date and time on the switch.

• Time - time the event occurred on. See Date and Time on page 5–9 for information

on setting the date and time on the switch

• Log Description - description of event as detected by the switch

Severity has one of the following values, and depending on the severity type, is assigned a
severity level.

•

I

(information, severity level 1) indicates routine events.

•

A

(activity, severity level 2) indicates the activity on the switch.

•

D

(debug, severity level 3) is reserved for GE Multilin internal diagnostic information

•

C

(critical, severity level 4) indicates that a severe switch error has occurred.

•

F

(fatal, severity level 5) indicates that a service has behaved unexpectedly.

6.2.3

Authorized Managers

Just as port security allows and disallows specific MAC addresses from accessing a
network, the ML1600 software can allow or block specific IP addresses or a range of IP
addresses to access the switch. The

access

command allows access to configuration

mode:

access

The

allow ip

command allows specified services for specified IP addresses. IP addresses

can be individual stations, a group of stations or subnets. The range is determined by the IP
address and netmask settings.

allow ip=<ipaddress> mask=<netmask> service=<name|list>

The

deny ip

command denies access to a specific IP address(es) or a subnet. IP

addresses can be individual stations, a group of stations or subnets. The range is
determined by the IP address and netmask settings.

deny ip=<ipaddress> mask=<netmask> service=<name|list>

The

remove ip

command removes specific IP address(es) or subnet by eliminating

specified entry from the authorized manager list.

remove ip=<ipaddress> mask=<netmask>

The

removeall

command removes all authorized managers.

removeall

The

show ip-access

command displays a list of authorized managers

show ip-access