Configuring and monitoring port security, Basic operation, Basic operation -118 – HP 8000M User Manual
Page 194
6-118
Configuring the Switch
Configuring and Monitoring Port Security
C
o
n
fig
u
rin
g
th
e
Sw
itc
h
Configuring and Monitoring Port
Security
Using Port Security, you can configure each switch port with a unique list of
the MAC addresses of devices that are authorized to access the network
through that port. This enables individual ports to detect, prevent, and log
attempts by unauthorized devices to communicate through the switch.
Basic Operation
The default port security setting for each port is “off”. That is, any device can
access a port without causing a security reaction. However, on a per-port basis,
you can configure security measures to block unauthorized connections or
“listening”, and to send notice of security violations. Once you have configured
port security, you can then monitor the network for security violations through
one or more of the following:
■
Alert flags that are captured by network management tools such as
HP TopTools for Hubs & Switches
■
Alert Log entries in the switch’s web browser interface
■
Event Log entries in the console interface
■
Intrusion Log entries in either the switch’s web browser interface or
console interface
For any port, you can configure the following:
■
Authorized Addresses:
Specify up to eight devices (MAC
addresses) that are allowed to send inbound traffic through the port.
This feature:
•
Closes the port to inbound traffic from any unauthorized devices that
are connected to the port.
•
Automatically sends notice of an attempted security violation to the
switch’s Intrusion Log and to the Alert Log in the switch’s web browser
interface.
•
Sends an SNMP trap notifying of an attempted security violation to a
network management station. (For more on configuring the switch
for SNMP management, see page 6-14.)