3 port security – PLANET FGSW-2840 User Manual

User’s Manual of FGSW-2840 / FGSW-4840S

4.3.1.3 Port Security

MAC Address Table maintains the mapping relationship between the port and the MAC address of the connected device, which

is the base of the packet forwarding. The capacity of MAC Address Table is fixed. MAC Address Attack is the attack method that

the attacker takes to obtain the network information illegally. The attacker uses tools to generate the cheating MAC address and

quickly occupy the MAC Address Table. When the MAC Address Table is full, the Managed Switch will broadcast the packets to

all the ports. At this moment, the attacker can obtain the network information via various sniffers and attacks. When the MAC

Address Table is full, the packets traffic will flood to all the ports, which results in overload, lower speed, packets drop and even

breakdown of the system.

Port Security is to protect the Managed Switch from the malicious MAC Address Attack by limiting the maximum number of MAC

addresses that can be learned on the port. The port with Port Security feature enabled will learn the MAC address dynamically.

When the learned MAC address number reaches the maximum, the port will stop learning. Thereafter, the other devices with the

MAC address unlearned cannot access the network via this port; the screen in

Figure 4-3-6

appears.

Figure 4-3-6:

Port Security Page Screenshot

The page includes the following fields:

Object

Description

Port Security

68