Allied Telesis AT-S63 User Manual
Page 347

AT-S63 Management Software Web Browser User’s Guide
Section VI: Port Security
347
4. From the Security Mode pull-down menu, select the desired port
security level for the port. Options are:
Automatic
Disables MAC address-based port security on a port. This is the 
default setting.
Limited
Allows you to specify a maximum number of dynamic source MAC 
addresses a port can learn. After learning its maximum number of 
addresses, a port discards all ingress frames with source MAC 
addresses not already learned.
When the Limited security mode is initially activated on a port, all 
dynamic MAC addresses learned by the port are deleted from the 
MAC address table. The port then begins to learn new addresses, up 
to the maximum allowed. After the port has learned its maximum 
number of addresses, it does not learn any new addresses, even when 
end nodes are inactive.
A dynamic MAC address learned on a port operating in the Limited 
security mode never times out from the MAC address table, even 
when the corresponding end node is inactive. 
Static MAC addresses are retained by the port and are not included in 
the count of maximum dynamic addresses. You can continue to add 
static MAC addresses to a port operating with this security level, even 
after the port has already learned its maximum number of dynamic 
MAC addresses. A switch port can have up to 255 dynamic and static 
MAC addresses.
Secured
Instructs a port to forward frames using only static MAC addresses. 
The port does not learn any dynamic MAC addresses and deletes any 
dynamic addressees that it has already learned. Only those end nodes 
whose MAC addresses are entered as static addresses are able to 
forward frames through the port.
After activating this security level, you must enter the static MAC 
addresses of the end nodes to be allowed to forward frames through 
the port.
Locked
Instructs a port to immediately stop learning new dynamic MAC 
addresses. Frames are forwarded using the dynamic MAC addresses 
already learned by the port has and any static MAC addresses 
assigned to the port.
Dynamic MAC addresses learned by the port prior to the activation of 
this security level never time out from the MAC address table, even 
when the corresponding end nodes are inactive. The port will not learn 
any new dynamic addresses.
