Brocade Mobility RFS Controller System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

108

Brocade Mobility RFS Controller System Reference Guide

53-1003099-01

5

FIGURE 38

Profile Overrides - Port Channels Security screen

14. Refer to the Access Control field. As part of the port channel’s security configuration, Inbound

IP and MAC address firewall rules are required.

Use the Inbound IP Firewall Rules and Inbound MAC Firewall Rules drop-down menus to select
or override the firewall rules to apply to this profile’s port channel configuration.

The firewall inspects IP and MAC traffic flows and detects attacks typically not visible to
traditional wired firewall appliances.

If a firewall rule does not exist suiting the data protection needs of the target port channel
configuration, select the Create icon to define a new rule configuration, or the Edit icon to
modify (override) an existing firewall rule configuration. For more information, see

Wireless

Firewall

.

15. Refer to the Trust section to define or override the following:

Trust ARP Responses

Select this option to enable ARP trust on this port channel. ARP packets received on this port are
considered trusted, and information from these packets is used to identify rogue devices. The default
value is disabled.

Trust DHCP Responses

Select this option to enable DHCP trust. If enabled, only DHCP responses are trusted and forwarded
on this port channel, and a DHCP server can be connected only to a DHCP trusted port. The default
value is enabled.

ARP header Mismatch
Validation

Select this option to enable a source MAC mismatch check in both the ARP and Ethernet header. The
default value is enabled.

Trust 802.1p COS values

Select this option to enable 802.1p COS values on this port channel. The default value is enabled.

Trust IP DSCP

Select this option to enable IP DSCP values on this port channel. The default value is disabled.