Nortel Networks 1000ASE-XD User Manual

110

Chapter 3 Using the console interface

209418-A

Partition Port on Intrusion
Detected:

This field value determines how the switch reacts to an intrusion event. When
an intrusion even is detected (see MAC Address Security field description)
the specified switch port is set to Disabled (partitioned from other switch
ports).

When the field is set to:

•

Disabled - the port remains enabled, even if an intrusion event is
detected.

•

Enabled - the port becomes disabled, then automatically resets to
enabled depending on the value set in the Partition Time field.

•

Forever - the port becomes disabled, and remains disabled (partitioned).
The Partition Time field cannot be used automatically reset the port to
Enabled if you set this field to Forever.

You can always manually set the port’s status field to Enabled using the Port
Configuration screen (see

“Port Configuration screen” on page 129

).

Default

Disabled

Range

Disabled, Enabled, Forever

Partition Time

This field appears only when the Partition Port on Intrusion Detected field is
set to enabled. This field determines the length of time a partitioned port
remains disabled. This field is not operational when the Partition Port on
Intrusion Detected field is set to Forever.

Default

0 seconds (the value 0 indicates forever)

Range

0-65536 seconds

DA Filtering on Intrusion
Detected:

When set to Enabled, this field isolates the intruding node by filtering
(discarding) packets sent to that MAC address.

Default

Disabled

Range

Disabled, Enabled

Generate SNMP Trap on
Intrusion

When set to enabled and a MAC intrusion event is detected, the software
issues an SNMP trap message to all registered SNMP trap addresses (see

“SNMP Configuration screen” on page 99

).

Default

Disabled

Range

Disabled, Enabled

Table 16 MAC Address Security Configuration screen fields (continued)

Field

Description