beautypg.com

Reading intrusion alerts and resetting alert flags, Notice of security violations, Notice of security violations -20 – SMC Networks SMC TigerStack II SMC6624M User Manual

Page 140

background image

7-20

Using Passwords, Port Security, and Authorized IP Managers To Protect Against Unauthorized Access
Configuring and Monitoring Port Security

Usi

ng P

a

sswo

rds,

P

o

rt

Se

c

u

rity,

a

n

d

A

u

th

o

riz

e

d

IP

Web: Displaying and Configuring Port Security Features

1.

Click on the

Security tab.

2.

Click on [Port Security].

3.

Select the settings you want and, if you are using the Static Learn Mode,
add or edit the Authorized Addresses field.

4.

Implement your new data by clicking on [Apply Changes].

Reading Intrusion Alerts and Resetting Alert Flags

Notice of Security Violations

When the switch detects an intrusion on a port, it sets an “alert flag” for that
port and makes the intrusion information available as described below. While
the switch can detect additional intrusions for the same port, it does not list
the next chronological intrusion for that port in the Intrusion Log until the
alert flag for that port has been reset

.

When a security violation occurs on a port configured for Port Security, the
switch responds in the following ways to notify you:

The switch sets an alert flag for that port. This flag remains set until:

You use either the CLI, menu interface, or web browser interface to
reset the flag.

The switch is reset to its factory default configuration.

The switch enables notification of the intrusion through the following
means:

In the CLI:

The

show intrusion-log

command displays the Intrusion Log

The

log

command displays the Event Log

In the menu interface:

The Port Status screen includes a per-port intrusion alert

The Event Log includes per-port entries for security violations

In the web browser interface:

The Alert Log’s Status | Overview window includes entries for per-
port security violations

The Intrusion Log in the Security | Intrusion Log window lists per-
port security violation entries

In EliteView via an SNMP trap sent to a net management station

See also other documents in the category SMC Networks Computer Accessories: