1 port security configuration, Port security overview, Introduction – H3C Technologies H3C S3600 Series Switches User Manual

1-1

1

Port Security Configuration

The following new features are added:

z

The port in the macAddressOrUserLoginSecure mode supports guest VLAN configuration. For

details, refer to

Configuring Guest VLAN for a Port in macAddressOrUserLoginSecure mode

.

z

The security MAC addresses that the port learns automatically supports aging. For details, refer to

Configuring Secure MAC Addresses

.

When configuring port security, go to these sections for information you are interested in:

z

Port Security Overview

z

Port Security Configuration Task List

z

Displaying and Maintaining Port Security Configuration

z

Port Security Configuration Examples

The security modes of the port security feature provide extended and combined use of 802.1X

authentication and MAC authentication. They apply to scenarios that require both 802.1X

authentication and MAC authentication. For scenarios that require only 802.1X authentication or MAC

authentication, you are recommended to configure 802.1X authentication or MAC authentication rather

than port security for simplicity.

Port Security Overview

Introduction

Port security is a security mechanism for network access control. It is an expansion to the current

802.1X and MAC authentication.

Port security allows you to configure a port to operate in an intended security mode to control the MAC

address learning or user authentication on the port. This enables the switch to learn legal source MAC

addresses, so as to implement network security management as needed.

With port security enabled, packets whose source MAC addresses cannot be learned by your switch in

a security mode are considered illegal packets; the events that cannot pass 802.1X authentication or

MAC authentication are considered illegal.