Port security commands, Port security commands -2, Table 23-1 client security commands -2 – SMC Networks TigerAccess SMC7816M User Manual

C

LIENT

S

ECURITY

C

OMMANDS

23-2

Port Security Commands

These commands can be used to enable port security on a port. When
using port security, the switch stops learning new MAC addresses on the
specified port when it has reached a configured maximum number. Only
incoming traffic with source addresses already stored in the dynamic or
static address table for this port will be authorized to access the network.
The port will drop any incoming frames with a source MAC address that is
unknown or has been previously learned from another port. If a device
with an unauthorized MAC address attempts to use the switch port, the
intrusion will be detected and the switch can automatically take action by
disabling the port and sending a trap message.

Table 23-1 Client Security Commands

Command Group

Function

Page

Private VLANs

Configures private VLANs, including uplink and
downlink ports

32-17

Port Authentication Configures host authentication on specific ports

using 802.1X

22-34

Port Security

*

Configures secure addresses for a port

23-2

Packet Filtering

*

Filters packets with specified IP/MAC addresses,
NetBIOS packets, and DHCP requests or replies

23-5

IP Source Guard

*

Filters IP traffic on unsecure ports for which the
source address cannot be identified via DHCP
snooping nor static source bindings

23-11

DHCP Snooping

*

Filters untrusted DHCP messages on unsecure ports
by building and maintaining a DHCP snooping
binding table

23-17

*

The priority of execution for these filtering commands is Port Security, Packet
Filtering, IP Source Guard, and then DHCP Snooping.