Security violations and intrusion actions – Allied Telesis AT-S60 User Manual

Chapter 7: Port Security
Section II: Local and Telnet Management
Security Violations and Intrusion Actions
When you set a port’s security level, you can also set the action a port
performs in the event it receives an invalid frame. This is referred to as
intrusion (intruder) action.
Before defining the intrusion actions, it can help to understand first what
constitutes an invalid frame. This differs for each security level, as
explained here:
❑ Limited Security Level - This security level works by setting a
maximum number of MAC addresses that a port can learn. An
invalid frame for the limited security level is an ingress frame with
a new source MAC address after the port has reached its
maximum number of dynamic MAC addresses. (A new source
MAC address is a MAC address that has not been previously
learned by the port.) Also, a frame with a source MAC address that
was not assigned to the port as a static address is considered an
invalid frame.
❑ Secured Security Level - An invalid frame for this security level is
an ingress frame with a source MAC address that was not entered
as a static address on the port.
❑ Locked - An invalid frame for this security level is an ingress frame
with a source MAC address that the port has not already learned
or that was not assigned as a static address.
You can configure what a port does if it receives an invalid frame. Here
are the options:
❑ Discard the invalid frame.
❑ Discard the invalid frame and send a trap.
❑ Discard the invalid frame, send a trap, and disable the port.
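The rules above can be checked against sample traffic with a small model. This is an added example, not code from the manual or from the AT-S60 software; the Port class, its field names and the action constants are hypothetical. It assumes that static addresses remain valid under the Limited level and that a disabled port passes no further frames.

```python
from dataclasses import dataclass, field

# Actions from the option list above; the constant names are this example's own.
DISCARD, DISCARD_TRAP, DISCARD_TRAP_DISABLE = "discard", "discard+trap", "discard+trap+disable"

@dataclass
class Port:
    level: str                                  # "limited", "secured" or "locked"
    action: str = DISCARD
    static: set = field(default_factory=set)    # statically assigned addresses
    learned: set = field(default_factory=set)   # dynamically learned addresses
    max_dynamic: int = 0                        # used by the limited level only
    enabled: bool = True
    traps: list = field(default_factory=list)   # source MACs that raised a trap

    def _valid(self, src):
        if src in self.static:
            return True
        if self.level == "secured":
            return False                # only static addresses are accepted
        if src in self.learned:
            return True
        if self.level == "limited" and len(self.learned) < self.max_dynamic:
            self.learned.add(src)       # table not full yet: learn the address
            return True
        return False                    # locked, or limited with a full table

    def ingress(self, src):
        """Return 'forward', 'discard' or 'port-disabled' for one ingress frame."""
        if not self.enabled:
            return "port-disabled"      # assumption: a disabled port passes nothing
        if self._valid(src):
            return "forward"
        if self.action in (DISCARD_TRAP, DISCARD_TRAP_DISABLE):
            self.traps.append(src)
        if self.action == DISCARD_TRAP_DISABLE:
            self.enabled = False
        return "discard"

def replay(port, frames):
    """Feed source MACs to the port in arrival order and collect the outcomes."""
    return [port.ingress(src.lower()) for src in frames]

# Constructed sample traffic: the source MAC of each ingress frame.
FRAMES = ["00:aa:00:00:00:01", "00:aa:00:00:00:02", "00:aa:00:00:00:03", "00:aa:00:00:00:01"]

if __name__ == "__main__":
    limited = Port("limited", DISCARD_TRAP_DISABLE, max_dynamic=2)
    print(replay(limited, FRAMES), limited.traps)
```

With the third action selected, the first invalid frame also takes the port out of service for the addresses it had already accepted, which is visible in the last outcome of the replay.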