1 introduction to am function, 2 am function configuration task list, Ntroduction to – QTECH QSW-3400 Инструкция по настройке User Manual

+7(495) 797-3311 www.qtech.ru
Москва, Новозаводская ул., 18, стр. 1

345

Chapter 42 Operational Configuration of AM

Function

42.1 Introduction to AM Function

AM (Access Management) means that when a switch receives an IP or ARP message, it will

compare the information extracted from the message (such as source IP address or source

MAC-IP address) with the configured hardware address pool. If there is an entry in the address

pool matching the information (source IP address or source MAC-IP address), the message

will be forwarded, otherwise, dumped. The reason why source-IP-based AM should be

supplemented by source-MAC-IP-based AM is that IP address of a host might change. Only

with a bound IP, can users change the IP of the host into forwarding IP, and hence enable the

messages from the host to be forwarded by the switch. Given the fact that MAC-IP can be

exclusively bound with a host, it is necessary to make MAC-IP bound with a host for the

purpose of preventing users from maliciously modifying host IP to forward the messages from

their hosts via the switch.

With the interface-bound attribute of AM, network mangers can bind the IP (MAC-IP) address

of a legal user to a specified interface. After that, only the messages sending by users with

specified IP (MAC-IP) addresses can be forwarded via the interface, and thus strengthen the

monitoring of the network security.

42.2 AM Function Configuration Task List

1. Enable AM function

2. Enable AM function on an interface

3. Configure the forwarding IP

4. Configure the forwarding MAC-IP

5. Delete all of the configured IP or MAC-IP or both

6. Display relative configuration information of AM

1. Enable AM function

Command

Explanation

Global Mode

am enable

no am enable

Globally enable or disable AM function.