Operating notes for port security, Operating notes for port security -129 – HP 8000M User Manual
Page 205
6-129
Configuring the Switch
Configuring and Monitoring Port Security
C
o
n
fig
u
rin
g
th
e
Sw
itc
h
Operating Notes for Port Security
Identifying the IP Address of an Intruder.
The Intrusion Log lists intrud-
ers by MAC address. If you are using HP TopTools for Hubs & Switches to
manage your network, you can use the TopTools inventory reports to link MAC
addresses to their corresponding IP addresses. (Inventory reports are orga-
nized by device type; hubs, switches, servers, etc.)
Proxy Web Servers.
If you are using the switch’s web browser interface
through a switch port configured for Static port security, and your browser
access is through a proxy web server, then it is necessary to do the following:
■
Enter your PC or workstation MAC address in the port’s Authorized
Addresses list.
■
Enter your PC or workstation’s IP address in the switch’s IP Authorized
Managers list. See “Enhancing Security by Configuring Authorized Man-
agers” on page 6-21.)
Without both of the above configured, the switch detects only the proxy
server’s MAC address, and not your PC or workstation MAC address, and
interprets your connection as unauthorized.
Security Violations.
If you reset the switch (using the Reset button, Device
Reset, or Reboot Switch), the Intrusion Log will list the time of all currently
logged intrusions as “prior to” the time of the reset.
Alert Flag Status for Entries Forced Off of the Intrusion Log.
If the
Intrusion Log is full of entries for which the alert flags have not been reset, a
new intrusion will cause the oldest entry to drop off the list, but will not change
the alert flag status for the port referenced in the dropped entry. This means
that, even if an entry is forced off of the Intrusion Log, no new intrusions can
be logged on the port referenced in that entry until you reset the alert flags.