Blocking unauthorized traffic, Blocking unauthorized traffic -3 – HP 2600 Series User Manual

9-3

Configuring and Monitoring Port Security

Overview

General Operation for Port Security.

On a per-port basis, you can

configure security measures to block unauthorized devices, and to send notice
of security violations. Once you have configured port security, you can then
monitor the network for security violations through one or more of the
following:

■

Alert flags that are captured by network management tools

■

Alert Log entries in the switch’s web browser interface

■

Event Log entries in the console interface

■

Intrusion Log entries in either the menu interface, CLI, or web
browser interface

For any port, you can configure the following:

■

Authorized (MAC) Addresses:

Specify up to eight devices (MAC

addresses) that are allowed to send inbound traffic through the port.
This feature:

•

Closes the port to inbound traffic from any unauthorized devices
that are connected to the port.

•

Provides the option for sending an SNMP trap notifying of an
attempted security violation to a network management station
and, optionally, disables the port. (For more on configuring the
switch for SNMP management, refer to “Trap Receivers and
Authentication Traps” in the Management and Configuration
Guide

for your switch.)

Blocking Unauthorized Traffic

Unless you configure the switch to disable a port on which a security violation
is detected, the switch security measures block unauthorized traffic without
disabling the port. This implementation enables you to apply the security
configuration to ports on which hubs, switches, or other devices are
connected, and to maintain security while also maintaining network access to
authorized users. For example: