Port security overview, Automatic, Limited – Allied Telesis AT-S25 User Manual

Section II: Local and Telnet Mangement

68

Port Security Overview

The port security feature can enhance the security of your network. You
can use the feature to control which network devices can forward frames
through the stack.

There are four levels of port security. Only one security level can be
active on an AT-8300 Series stack at a time. The security levels are:

❑ Automatic

❑ Limited

❑ Secure

❑ Lock All Ports

Note

Only one security level can be active on a stack at a time. You cannot
assign different security levels on different switches in the same
stack.

Automatic

This mode disables port security. Each switch in the stack learns and
adds addresses to the dynamic MAC Address Table as it receives frames
on the ports. MAC addresses of inactive nodes are deleted from the table
according to the aging timer.

Note

The Automatic security mode is the default security level for a stack.

Limited

This security level allows you to manually specify the maximum number
of dynamic MAC addresses a group of ports on a switch can learn. Once
a group has learned its maximum limit, the ports within the group
discard ingress frames with source MAC addresses not already stored in
the MAC Address Table.

Before using this security level, please note the following:

❑ The maximum number of MAC addresses that a group of ports

can learn applies to the entire group, not to the individual ports.

❑ Once this mode is activated, the switches in the stack delete all

MAC addresses in the dynamic MAC Address Tables and
immediately begin learning new addresses, adding them to the
dynamic MAC Address Tables until a group reaches the maximum
limit.