Security > port security, Chapter 4, Configuration using the web-based utility – Linksys Business Smart Gigabit Ethernet Switch SLM2048 User Manual

Chapter 4

Configuration Using the Web-based Utility



Business Series Smart Gigabit Ethernet Switch

Security > Port Security

The Port Security screen is used to configure a port’s

security settings.

Security > Ports Security

Network security can be increased by limiting access on

a specific port only to users with specific MAC addresses.

MAC addresses can be dynamically learned or statically

configured.
Locked port security monitors both received and learned

packets that are received on specific ports. Access to the

locked port is limited to users with specific MAC addresses.

These addresses are either manually defined on the port,

or learned on that port up to the point when it is locked.

When a packet is received on a locked port, and the

packet’s source MAC address is not tied to that port (either

it was learned on a different port, or it is unknown to the

system), the protection mechanism is invoked, and can

provide various options. Unauthorized packets arriving at

a locked port are either:

Forwarded
Discarded
Cause the port to be shut down

Locked port security also enables storing a list of MAC

addresses in the configuration file. The MAC address list

can be restored after the device has been reset.
Disabled ports can be reactivated from the Port Settings

screen of the Port Management tab.

Interface

Select Port or LAG, then select the desired

interface from the appropriate drop-down menu.

Lock Interface

Select this option to lock the interface.

The default is not selected (interface not locked).

•

•

•

Learning Mode

Defines the locked port type. This field

is enabled only if Lock Interface is not selected. The

possible values are:

Classic Lock

Locks the port using the classic lock

mechanism. The port is immediately locked, regardless

of how many addresses have already been learned.

Limited Dynamic Lock

Locks the port by deleting

the current dynamic MAC addresses associated with

the port. The port learns up to the maximum number

of addresses allowed on the port. Both relearning and

aging MAC addresses are enabled.

In order to change the Learning Mode, the Lock Interface

must be unselected. Once the Learning Mode is changed,

the Lock Interface can be reinstated.

Max Entries

Specifies the number of MAC addresses

that can be learned on the port. This field is enabled only

if Learning Mode is set to Limited Dynamic Lock. The

default value is .

Action on Violation

Indicates the action to be applied to

packets arriving on a locked port. The possible values are:

Discard

Discards packets from any unlearned source.

This is the default value.

Forward

Forwards packets from an unknown source

without learning the MAC address.

Shutdown

Discards packets from any unlearned

source and shuts down the port. The port remains shut

down until reactivated, or until the device is reset.

Update

If you click this button, your changes are saved

and appear immediately in the table at the bottom of the

Port Security screen.
The lower portion of the Port Security screen displays

a summary of the settings in the upper portion of the

screen. The settings are displayed for each of the ports

on the Switch.
Click Save Settings to apply the changes, or Cancel

Changes to cancel the changes.

•

•

•

•

•