Chapter 13 port security, Overview – NETGEAR 7000 Series Managed Switch User Manual

13-1

v1.0, May 2008

Chapter 13

Port Security

This section describes the Port Security feature.

Overview

Port Security:

•

Allows for limiting the number of MAC addresses on a given port

•

Packets that have a matching MAC address (secure packets) are forwarded; all other packets
(unsecure packets) are restricted

•

Enabled on a per port basis

•

When locked, only packets with allowable MAC address will be forwarded

•

Supports both dynamic and static

•

Implement two traffic filtering methods

–

Dynamic Locking - User specifies the maximum number of MAC addresses that can be
learned on a port. The maximum number of MAC addresses is platform dependent and is
given in the software Release Notes. After the limit is reached, additional MAC addresses
are not learned. Only frames with an allowable source MAC address are forwarded.

–

Static Locking - User manually specifies a list of static MAC addresses for a port.
Dynamically locked addresses can be converted to statically locked addresses.

These methods can be used concurrently