Brocade Mobility RFS Controller System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

414

Brocade Mobility RFS Controller System Reference Guide

53-1003099-01

8

FIGURE 20

Profile - VM Interfaces Security screen

10. Refer to the Access Control field. As part of the VM interface’s security configuration, IP

Inbound and MAC Inbound address firewall rules are required.

Use the IP Inbound Firewall Rules and MAC Inbound Firewall Rules drop-down menus to select
the firewall rules to apply to this profile’s VM interface configuration.

The firewall inspects IP and MAC traffic flows and detects attacks typically not visible to
traditional wired firewall appliances.

If a firewall rule does not exist suiting the data protection needs of the target VM interface
configuration, select the Create icon to define a new rule configuration, or the Edit icon to
modify an existing firewall rule configuration.

11. Refer to the Trust field to set the following:

12. Select OK to save the changes to the security configuration. Select Reset to revert to the last

saved configuration.

Trust ARP Responses

Select this option to enable ARP trust on this VM interface. ARP packets received on this port are
considered trusted, and information from these packets is used to identify rogue devices. The default
value is disabled.

Trust DHCP Responses

Select this option to enable DHCP trust on this VM interface. If enabled, only DHCP responses are
trusted and forwarded on this VM interface, and a DHCP server can be connected only to a DHCP
trusted port. The default value is enabled.

ARP header Mismatch
Validation

Select this option to enable a source MAC mismatch check in both the ARP and Ethernet header. The
default value is enabled.

Trust 802.1p COS values

Select this option to enable 802.1p COS values on this VM interface. The default value is enabled.

Trust IP DSCP

Select this option to enable IP DSCP values on this VM interface. The default value is enabled.