SlideShare ist ein Scribd-Unternehmen logo

Port Security

NetProtocol Xpert
NetProtocol Xpert

Port Security

Ingenieurwesen
1 von 8
www.netprotocolxpert.in
 By default, all interfaces on a Cisco switch are turned on.  That means that an attacker could connect to your network through a wall socket and potentially threaten your network.  If you know which devices will be connected to which ports, you can use the Cisco security feature called port security.  By using port security, a network administrator can associate specific MAC addresses with the interface, which can prevent an attacker to connect his device.  This way you can restrict access to an interface so that only the authorized devices can use it. If an unauthorized device is connected, you can decide what action the switch will take, for example discarding the traffic and shutting down the port.
 To configure port security, three steps are required: 1. Define the interface as an access interface by using the switchport mode access interface subcommand 2. Enable port security by using the switchport port- security interface subcommand 3. Define which MAC addresses are allowed to send frames through this interface by using the switchport port-security mac-address MAC_ADDRESS interface subcommand or using the swichport port-security mac-address sticky interface subcommand to dynamically learn the MAC address of the currently connected host
 Two steps are optional: 1. Define what action the switch will take when receiving a frame from an unauthorized device by using the port security violation {protect | restrict | shutdown} interface subcommand. All three options discards the traffic from the unauthorized device. The restrict and shutdown options send a log messages when a violation occurs. Shut down mode also shuts down the port. 2. Define the maximum number of MAC addresses that can be used on the port by using the switchport port-security maximum NUMBER interface submode command
 The following example shows the configuration of port security on a Cisco switch:
 First, we need to enable port security and define which MAC addresses are allowed to send frames:
 Next, by using the show port-security interface fa0/1 we can see that the switch has learned the MAC address of host A:
 By default, the maximum number of allowed MAC addresses are one, so if we connect another host to the same port, the security violation will occur:  Status code of „err-disabled“ means that the security violation occurred on the port.  NOTE - to enable the port, we need to use the shutdown and no shutdown interface subcommands

Empfohlen

Switching and Port Security
Switching and Port Security Switching and Port Security
Switching and Port Securityusman19
 
Network Security- port security.pptx
Network Security- port security.pptxNetwork Security- port security.pptx
Network Security- port security.pptxSulSya
 
How to configure port security in cisco switch
How to configure port security in cisco switchHow to configure port security in cisco switch
How to configure port security in cisco switchIT Tech
 
Switch security
Switch securitySwitch security
Switch securitynullowaspmumbai
 
Ppt of routing protocols
Ppt of routing protocolsPpt of routing protocols
Ppt of routing protocolsBhagyashri Dhoke
 
Common Layer 2 Threats, Attacks & Mitigation
Common Layer 2 Threats, Attacks & MitigationCommon Layer 2 Threats, Attacks & Mitigation
Common Layer 2 Threats, Attacks & MitigationNetProtocol Xpert
 
Networking Essentials 2.0 Module2.pptx
Networking Essentials 2.0 Module2.pptxNetworking Essentials 2.0 Module2.pptx
Networking Essentials 2.0 Module2.pptxTETALAVENKATASIVARED1
 
Hot standby router protocol (hsrp) using
Hot standby router protocol (hsrp) usingHot standby router protocol (hsrp) using
Hot standby router protocol (hsrp) usingShubhiGupta94
 

Empfohlen

Switching and Port Security
Switching and Port Security Switching and Port Security
Switching and Port Securityusman19
 
Network Security- port security.pptx
Network Security- port security.pptxNetwork Security- port security.pptx
Network Security- port security.pptxSulSya
 
How to configure port security in cisco switch
How to configure port security in cisco switchHow to configure port security in cisco switch
How to configure port security in cisco switchIT Tech
 
Switch security
Switch securitySwitch security
Switch securitynullowaspmumbai
 
Ppt of routing protocols
Ppt of routing protocolsPpt of routing protocols
Ppt of routing protocolsBhagyashri Dhoke
 
Common Layer 2 Threats, Attacks & Mitigation
Common Layer 2 Threats, Attacks & MitigationCommon Layer 2 Threats, Attacks & Mitigation
Common Layer 2 Threats, Attacks & MitigationNetProtocol Xpert
 
Networking Essentials 2.0 Module2.pptx
Networking Essentials 2.0 Module2.pptxNetworking Essentials 2.0 Module2.pptx
Networking Essentials 2.0 Module2.pptxTETALAVENKATASIVARED1
 
Hot standby router protocol (hsrp) using
Hot standby router protocol (hsrp) usingHot standby router protocol (hsrp) using
Hot standby router protocol (hsrp) usingShubhiGupta94
 
Access control list 2
Access control list 2Access control list 2
Access control list 2Kishore Kumar
 
Networking devices
Networking devicesNetworking devices
Networking devicesrupinderj
 
CCNA BASIC SWITCHING AND SWITCH CONFIGURATION
CCNA BASIC SWITCHING AND SWITCH CONFIGURATIONCCNA BASIC SWITCHING AND SWITCH CONFIGURATION
CCNA BASIC SWITCHING AND SWITCH CONFIGURATIONAswini Badatya
 
Arp spoofing
Arp spoofingArp spoofing
Arp spoofingLuthfi Widyanto
 
CSMA /CD PPT ON SLIDESHARE
CSMA /CD PPT ON SLIDESHARECSMA /CD PPT ON SLIDESHARE
CSMA /CD PPT ON SLIDESHAREKhushboo Pal
 
Ipsec
IpsecIpsec
IpsecRupesh Mishra
 
Subnetting Presentation
Subnetting PresentationSubnetting Presentation
Subnetting PresentationTouhidul Fahim
 
Hash Function
Hash FunctionHash Function
Hash FunctionSiddharth Srivastava
 
Address resolution protocol (ARP)
Address resolution protocol (ARP)Address resolution protocol (ARP)
Address resolution protocol (ARP)NetProtocol Xpert
 
WAN Technologies slide show
WAN Technologies slide showWAN Technologies slide show
WAN Technologies slide showNavleshKumar singh
 
Mitigating Layer2 Attacks
Mitigating Layer2 AttacksMitigating Layer2 Attacks
Mitigating Layer2 Attacksdkaya
 
Basics of Denial of Service Attacks
Basics of Denial of Service AttacksBasics of Denial of Service Attacks
Basics of Denial of Service AttacksHansa Nidushan
 
Ethernet protocol
Ethernet protocolEthernet protocol
Ethernet protocolTom Chou
 
Switchport port security explained with examples
Switchport port security explained with examplesSwitchport port security explained with examples
Switchport port security explained with examplesteameassefa
 
Dhcp
DhcpDhcp
DhcpChinmoy Jena
 
WiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & DefenceWiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & DefencePrakashchand Suthar
 
Chapter 4 data link layer
Chapter 4 data link layerChapter 4 data link layer
Chapter 4 data link layerNaiyan Noor
 
Wireless Network Security
Wireless Network SecurityWireless Network Security
Wireless Network Securitykentquirk
 
Layer 2 switching
Layer 2 switchingLayer 2 switching
Layer 2 switchingNetProtocol Xpert
 
Networking devices
Networking devicesNetworking devices
Networking devicesNetProtocol Xpert
 
Cisco CCNA Port Security
Cisco CCNA Port SecurityCisco CCNA Port Security
Cisco CCNA Port SecurityHamed Moghaddam
 
Port security
Port securityPort security
Port securityborepatch
 

Weitere ähnliche Inhalte

Was ist angesagt?

Access control list 2
Access control list 2Access control list 2
Access control list 2Kishore Kumar
 
Networking devices
Networking devicesNetworking devices
Networking devicesrupinderj
 
CCNA BASIC SWITCHING AND SWITCH CONFIGURATION
CCNA BASIC SWITCHING AND SWITCH CONFIGURATIONCCNA BASIC SWITCHING AND SWITCH CONFIGURATION
CCNA BASIC SWITCHING AND SWITCH CONFIGURATIONAswini Badatya
 
CSMA /CD PPT ON SLIDESHARE
CSMA /CD PPT ON SLIDESHARECSMA /CD PPT ON SLIDESHARE
CSMA /CD PPT ON SLIDESHAREKhushboo Pal
 
Subnetting Presentation
Subnetting PresentationSubnetting Presentation
Subnetting PresentationTouhidul Fahim
 
Address resolution protocol (ARP)
Address resolution protocol (ARP)Address resolution protocol (ARP)
Address resolution protocol (ARP)NetProtocol Xpert
 
Mitigating Layer2 Attacks
Mitigating Layer2 AttacksMitigating Layer2 Attacks
Mitigating Layer2 Attacksdkaya
 
Basics of Denial of Service Attacks
Basics of Denial of Service AttacksBasics of Denial of Service Attacks
Basics of Denial of Service AttacksHansa Nidushan
 
Ethernet protocol
Ethernet protocolEthernet protocol
Ethernet protocolTom Chou
 
Switchport port security explained with examples
Switchport port security explained with examplesSwitchport port security explained with examples
Switchport port security explained with examplesteameassefa
 
Chapter 4 data link layer
Chapter 4 data link layerChapter 4 data link layer
Chapter 4 data link layerNaiyan Noor
 
Wireless Network Security
Wireless Network SecurityWireless Network Security
Wireless Network Securitykentquirk
 

Was ist angesagt? (20)

Access control list 2
Access control list 2Access control list 2
Access control list 2
 
Networking devices
Networking devicesNetworking devices
Networking devices
 
CCNA BASIC SWITCHING AND SWITCH CONFIGURATION
CCNA BASIC SWITCHING AND SWITCH CONFIGURATIONCCNA BASIC SWITCHING AND SWITCH CONFIGURATION
CCNA BASIC SWITCHING AND SWITCH CONFIGURATION
 
Arp spoofing
Arp spoofingArp spoofing
Arp spoofing
 
CSMA /CD PPT ON SLIDESHARE
CSMA /CD PPT ON SLIDESHARECSMA /CD PPT ON SLIDESHARE
CSMA /CD PPT ON SLIDESHARE
 
Ipsec
IpsecIpsec
Ipsec
 
Subnetting Presentation
Subnetting PresentationSubnetting Presentation
Subnetting Presentation
 
Hash Function
Hash FunctionHash Function
Hash Function
 
Address resolution protocol (ARP)
Address resolution protocol (ARP)Address resolution protocol (ARP)
Address resolution protocol (ARP)
 
WAN Technologies slide show
WAN Technologies slide showWAN Technologies slide show
WAN Technologies slide show
 
Mitigating Layer2 Attacks
Mitigating Layer2 AttacksMitigating Layer2 Attacks
Mitigating Layer2 Attacks
 
Basics of Denial of Service Attacks
Basics of Denial of Service AttacksBasics of Denial of Service Attacks
Basics of Denial of Service Attacks
 
Ethernet protocol
Ethernet protocolEthernet protocol
Ethernet protocol
 
Switchport port security explained with examples
Switchport port security explained with examplesSwitchport port security explained with examples
Switchport port security explained with examples
 
Dhcp
DhcpDhcp
Dhcp
 
WiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & DefenceWiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & Defence
 
Chapter 4 data link layer
Chapter 4 data link layerChapter 4 data link layer
Chapter 4 data link layer
 
Wireless Network Security
Wireless Network SecurityWireless Network Security
Wireless Network Security
 
Layer 2 switching
Layer 2 switchingLayer 2 switching
Layer 2 switching
 
Networking devices
Networking devicesNetworking devices
Networking devices
 

Andere mochten auch

Cisco CCNA Port Security
Cisco CCNA Port SecurityCisco CCNA Port Security
Cisco CCNA Port SecurityHamed Moghaddam
 
Port security
Port securityPort security
Port securityborepatch
 
Ip -subnetting
Ip -subnettingIp -subnetting
Ip -subnettingnithinj54
 
Port Security - Possible Technology Interventions and Solutioning
Port Security - Possible Technology Interventions and SolutioningPort Security - Possible Technology Interventions and Solutioning
Port Security - Possible Technology Interventions and SolutioningAmol Vidwans
 
How to create Security on Cisco switch
How to create Security on Cisco switchHow to create Security on Cisco switch
How to create Security on Cisco switchtcpipguru
 
Africa 24 6 2011 Port Security Pdf
Africa 24 6 2011 Port Security PdfAfrica 24 6 2011 Port Security Pdf
Africa 24 6 2011 Port Security PdfFiroze Hussain
 
Cisco Switch Security
Cisco Switch SecurityCisco Switch Security
Cisco Switch Securitydkaya
 
Mac addresses(media access control)
Mac addresses(media access control)Mac addresses(media access control)
Mac addresses(media access control)Ismail Mukiibi
 
Cisco Router and Switch Security Hardening Guide
Cisco Router and Switch Security Hardening GuideCisco Router and Switch Security Hardening Guide
Cisco Router and Switch Security Hardening GuideHarris Andrea
 
Subnetting Basics Tutorial
Subnetting Basics TutorialSubnetting Basics Tutorial
Subnetting Basics Tutorialmikem801
 
Switching Techniques
Switching TechniquesSwitching Techniques
Switching Techniquestameemyousaf
 
Computer network switching
Computer network switchingComputer network switching
Computer network switchingShivani Godha
 
Medium Access Control
Medium Access ControlMedium Access Control
Medium Access Controlanishgoel
 
Internet protocol (ip) ppt
Internet protocol (ip) pptInternet protocol (ip) ppt
Internet protocol (ip) pptDulith Kasun
 

Andere mochten auch (20)

Cisco CCNA Port Security
Cisco CCNA Port SecurityCisco CCNA Port Security
Cisco CCNA Port Security
 
Port security
Port securityPort security
Port security
 
Ip -subnetting
Ip -subnettingIp -subnetting
Ip -subnetting
 
Visual ip subnetting
Visual ip subnettingVisual ip subnetting
Visual ip subnetting
 
Port Security - Possible Technology Interventions and Solutioning
Port Security - Possible Technology Interventions and SolutioningPort Security - Possible Technology Interventions and Solutioning
Port Security - Possible Technology Interventions and Solutioning
 
Container Security Initiative CSI
Container Security Initiative CSIContainer Security Initiative CSI
Container Security Initiative CSI
 
How to create Security on Cisco switch
How to create Security on Cisco switchHow to create Security on Cisco switch
How to create Security on Cisco switch
 
Africa 24 6 2011 Port Security Pdf
Africa 24 6 2011 Port Security PdfAfrica 24 6 2011 Port Security Pdf
Africa 24 6 2011 Port Security Pdf
 
TCP/IP Basics
TCP/IP BasicsTCP/IP Basics
TCP/IP Basics
 
Cisco Switch Security
Cisco Switch SecurityCisco Switch Security
Cisco Switch Security
 
Mac addresses(media access control)
Mac addresses(media access control)Mac addresses(media access control)
Mac addresses(media access control)
 
Cisco Router and Switch Security Hardening Guide
Cisco Router and Switch Security Hardening GuideCisco Router and Switch Security Hardening Guide
Cisco Router and Switch Security Hardening Guide
 
Subnetting Basics Tutorial
Subnetting Basics TutorialSubnetting Basics Tutorial
Subnetting Basics Tutorial
 
Switching
SwitchingSwitching
Switching
 
Switching Techniques
Switching TechniquesSwitching Techniques
Switching Techniques
 
Ip address
Ip addressIp address
Ip address
 
Computer network switching
Computer network switchingComputer network switching
Computer network switching
 
Medium Access Control
Medium Access ControlMedium Access Control
Medium Access Control
 
Ip address and subnetting
Ip address and subnettingIp address and subnetting
Ip address and subnetting
 
Internet protocol (ip) ppt
Internet protocol (ip) pptInternet protocol (ip) ppt
Internet protocol (ip) ppt
 

Ähnlich wie Port Security

Cisco Switch How To - Secure a Switch Port
Cisco Switch How To - Secure a Switch PortCisco Switch How To - Secure a Switch Port
Cisco Switch How To - Secure a Switch PortIPMAX s.r.l.
 
Configuring dynamic switchport security
Configuring dynamic switchport securityConfiguring dynamic switchport security
Configuring dynamic switchport securityIT Tech
 
Security Concerns in LANs.pptx
Security Concerns in LANs.pptxSecurity Concerns in LANs.pptx
Security Concerns in LANs.pptxjoko
 
Chapter_Five[1].ppt
Chapter_Five[1].pptChapter_Five[1].ppt
Chapter_Five[1].pptBachaSirata
 
How to Configure Port-Security on Cisco Switch for Enhanced Network Security ...
How to Configure Port-Security on Cisco Switch for Enhanced Network Security ...How to Configure Port-Security on Cisco Switch for Enhanced Network Security ...
How to Configure Port-Security on Cisco Switch for Enhanced Network Security ...INFitunes
 
firewalls.ppt
firewalls.pptfirewalls.ppt
firewalls.pptRaj Kumar
 
Attacks and their mitigations
Attacks and their mitigationsAttacks and their mitigations
Attacks and their mitigationsMukesh Chaudhari
 
Ch06-NetworkSecurity2-firewall-tunneling-IDS.ppt
Ch06-NetworkSecurity2-firewall-tunneling-IDS.pptCh06-NetworkSecurity2-firewall-tunneling-IDS.ppt
Ch06-NetworkSecurity2-firewall-tunneling-IDS.pptgocokir267
 
A firewall is a network security device.
A firewall is a network security device.A firewall is a network security device.
A firewall is a network security device.abidhassan225
 
Pertemuan 9 intrusion detection system
Pertemuan 9 intrusion detection systemPertemuan 9 intrusion detection system
Pertemuan 9 intrusion detection systemnewbie2019
 
LAN Switching and Wireless: Ch2 - Basic Switch Concepts and Configuration
LAN Switching and Wireless: Ch2 - Basic Switch Concepts and ConfigurationLAN Switching and Wireless: Ch2 - Basic Switch Concepts and Configuration
LAN Switching and Wireless: Ch2 - Basic Switch Concepts and ConfigurationAbdelkhalik Mosa
 
Capitulo 6 v 2 0
Capitulo 6 v 2 0Capitulo 6 v 2 0
Capitulo 6 v 2 0milkux
 
CEHv7 Question Collection
CEHv7 Question CollectionCEHv7 Question Collection
CEHv7 Question CollectionManish Luintel
 

Ähnlich wie Port Security (20)

SRWE_Module_11.pptx
SRWE_Module_11.pptxSRWE_Module_11.pptx
SRWE_Module_11.pptx
 
Cisco Switch How To - Secure a Switch Port
Cisco Switch How To - Secure a Switch PortCisco Switch How To - Secure a Switch Port
Cisco Switch How To - Secure a Switch Port
 
Cap2 configuring switch
Cap2 configuring switchCap2 configuring switch
Cap2 configuring switch
 
Configuring dynamic switchport security
Configuring dynamic switchport securityConfiguring dynamic switchport security
Configuring dynamic switchport security
 
Security Concerns in LANs.pptx
Security Concerns in LANs.pptxSecurity Concerns in LANs.pptx
Security Concerns in LANs.pptx
 
Chapter_Five[1].ppt
Chapter_Five[1].pptChapter_Five[1].ppt
Chapter_Five[1].ppt
 
How to Configure Port-Security on Cisco Switch for Enhanced Network Security ...
How to Configure Port-Security on Cisco Switch for Enhanced Network Security ...How to Configure Port-Security on Cisco Switch for Enhanced Network Security ...
How to Configure Port-Security on Cisco Switch for Enhanced Network Security ...
 
Netdefender
NetdefenderNetdefender
Netdefender
 
Attack.pptx
Attack.pptxAttack.pptx
Attack.pptx
 
firewalls.ppt
firewalls.pptfirewalls.ppt
firewalls.ppt
 
Net Defender
Net DefenderNet Defender
Net Defender
 
Wp ci securing_layer2
Wp ci securing_layer2Wp ci securing_layer2
Wp ci securing_layer2
 
Attacks and their mitigations
Attacks and their mitigationsAttacks and their mitigations
Attacks and their mitigations
 
Ch06-NetworkSecurity2-firewall-tunneling-IDS.ppt
Ch06-NetworkSecurity2-firewall-tunneling-IDS.pptCh06-NetworkSecurity2-firewall-tunneling-IDS.ppt
Ch06-NetworkSecurity2-firewall-tunneling-IDS.ppt
 
A firewall is a network security device.
A firewall is a network security device.A firewall is a network security device.
A firewall is a network security device.
 
Ch6
Ch6Ch6
Ch6
 
Pertemuan 9 intrusion detection system
Pertemuan 9 intrusion detection systemPertemuan 9 intrusion detection system
Pertemuan 9 intrusion detection system
 
LAN Switching and Wireless: Ch2 - Basic Switch Concepts and Configuration
LAN Switching and Wireless: Ch2 - Basic Switch Concepts and ConfigurationLAN Switching and Wireless: Ch2 - Basic Switch Concepts and Configuration
LAN Switching and Wireless: Ch2 - Basic Switch Concepts and Configuration
 
Capitulo 6 v 2 0
Capitulo 6 v 2 0Capitulo 6 v 2 0
Capitulo 6 v 2 0
 
CEHv7 Question Collection
CEHv7 Question CollectionCEHv7 Question Collection
CEHv7 Question Collection
 

Mehr von NetProtocol Xpert

Basic Cisco ASA 5506-x Configuration (Firepower)
Basic Cisco ASA 5506-x Configuration (Firepower)Basic Cisco ASA 5506-x Configuration (Firepower)
Basic Cisco ASA 5506-x Configuration (Firepower)NetProtocol Xpert
 
Dynamic ARP Inspection (DAI)
Dynamic ARP Inspection (DAI)Dynamic ARP Inspection (DAI)
Dynamic ARP Inspection (DAI)NetProtocol Xpert
 
Securing management, control & data plane
Securing management, control & data planeSecuring management, control & data plane
Securing management, control & data planeNetProtocol Xpert
 
Point to-point protocol (ppp), PAP & CHAP
Point to-point protocol (ppp), PAP & CHAPPoint to-point protocol (ppp), PAP & CHAP
Point to-point protocol (ppp), PAP & CHAPNetProtocol Xpert
 
Avoid DNS lookup when mistyping a command
Avoid DNS lookup when mistyping a commandAvoid DNS lookup when mistyping a command
Avoid DNS lookup when mistyping a commandNetProtocol Xpert
 
TCLSH and Macro Ping Test on Cisco Routers and Switches
TCLSH and Macro Ping Test on Cisco Routers and SwitchesTCLSH and Macro Ping Test on Cisco Routers and Switches
TCLSH and Macro Ping Test on Cisco Routers and SwitchesNetProtocol Xpert
 
MTU (maximum transmission unit) & MRU (maximum receive unit)
MTU (maximum transmission unit) & MRU (maximum receive unit)MTU (maximum transmission unit) & MRU (maximum receive unit)
MTU (maximum transmission unit) & MRU (maximum receive unit)NetProtocol Xpert
 
OTV(Overlay Transport Virtualization)
OTV(Overlay Transport Virtualization)OTV(Overlay Transport Virtualization)
OTV(Overlay Transport Virtualization)NetProtocol Xpert
 

Mehr von NetProtocol Xpert (20)

Basic Cisco ASA 5506-x Configuration (Firepower)
Basic Cisco ASA 5506-x Configuration (Firepower)Basic Cisco ASA 5506-x Configuration (Firepower)
Basic Cisco ASA 5506-x Configuration (Firepower)
 
MPLS Layer 3 VPN
MPLS Layer 3 VPN MPLS Layer 3 VPN
MPLS Layer 3 VPN
 
Storm-Control
Storm-ControlStorm-Control
Storm-Control
 
Dynamic ARP Inspection (DAI)
Dynamic ARP Inspection (DAI)Dynamic ARP Inspection (DAI)
Dynamic ARP Inspection (DAI)
 
IP Source Guard
IP Source Guard IP Source Guard
IP Source Guard
 
DHCP Snooping
DHCP SnoopingDHCP Snooping
DHCP Snooping
 
Password Recovery
Password RecoveryPassword Recovery
Password Recovery
 
Application & Data Center
Application & Data CenterApplication & Data Center
Application & Data Center
 
Cisco ISR 4351 Router
Cisco ISR 4351 RouterCisco ISR 4351 Router
Cisco ISR 4351 Router
 
Cisco ASR 1001-X Router
Cisco ASR 1001-X RouterCisco ASR 1001-X Router
Cisco ASR 1001-X Router
 
Securing management, control & data plane
Securing management, control & data planeSecuring management, control & data plane
Securing management, control & data plane
 
Point to-point protocol (ppp), PAP & CHAP
Point to-point protocol (ppp), PAP & CHAPPoint to-point protocol (ppp), PAP & CHAP
Point to-point protocol (ppp), PAP & CHAP
 
Avoid DNS lookup when mistyping a command
Avoid DNS lookup when mistyping a commandAvoid DNS lookup when mistyping a command
Avoid DNS lookup when mistyping a command
 
TCLSH and Macro Ping Test on Cisco Routers and Switches
TCLSH and Macro Ping Test on Cisco Routers and SwitchesTCLSH and Macro Ping Test on Cisco Routers and Switches
TCLSH and Macro Ping Test on Cisco Routers and Switches
 
Private VLANs
Private VLANsPrivate VLANs
Private VLANs
 
MTU (maximum transmission unit) & MRU (maximum receive unit)
MTU (maximum transmission unit) & MRU (maximum receive unit)MTU (maximum transmission unit) & MRU (maximum receive unit)
MTU (maximum transmission unit) & MRU (maximum receive unit)
 
OTV Configuration
OTV ConfigurationOTV Configuration
OTV Configuration
 
Cisco OTV 
Cisco OTV Cisco OTV 
Cisco OTV 
 
OTV(Overlay Transport Virtualization)
OTV(Overlay Transport Virtualization)OTV(Overlay Transport Virtualization)
OTV(Overlay Transport Virtualization)
 
Regular expression examples
Regular expression examplesRegular expression examples
Regular expression examples
 

Kürzlich hochgeladen

Porous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingPorous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingrakeshbaidya232001
 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escortsranjana rawat
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINESIVASHANKAR N
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escortsranjana rawat
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Christo Ananth
 
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130Suhani Kapoor
 
(TARA) Talegaon Dabhade Call Girls Just Call 7001035870 [ Cash on Delivery ] ...
(TARA) Talegaon Dabhade Call Girls Just Call 7001035870 [ Cash on Delivery ] ...(TARA) Talegaon Dabhade Call Girls Just Call 7001035870 [ Cash on Delivery ] ...
(TARA) Talegaon Dabhade Call Girls Just Call 7001035870 [ Cash on Delivery ] ...ranjana rawat
 
UNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISUNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISrknatarajan
 
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxJoão Esperancinha
 
Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxupamatechverse
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...ranjana rawat
 
Introduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptxIntroduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptxupamatechverse
 
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxupamatechverse
 
Extrusion Processes and Their Limitations
Extrusion Processes and Their LimitationsExtrusion Processes and Their Limitations
Extrusion Processes and Their Limitations120cr0395
 
the ladakh protest in leh ladakh 2024 sonam wangchuk.pptx
the ladakh protest in leh ladakh 2024 sonam wangchuk.pptxthe ladakh protest in leh ladakh 2024 sonam wangchuk.pptx
the ladakh protest in leh ladakh 2024 sonam wangchuk.pptxhumanexperienceaaa
 
Processing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxProcessing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxpranjaldaimarysona
 

Kürzlich hochgeladen (20)

Porous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingPorous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writing
 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
 
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
 
(TARA) Talegaon Dabhade Call Girls Just Call 7001035870 [ Cash on Delivery ] ...
(TARA) Talegaon Dabhade Call Girls Just Call 7001035870 [ Cash on Delivery ] ...(TARA) Talegaon Dabhade Call Girls Just Call 7001035870 [ Cash on Delivery ] ...
(TARA) Talegaon Dabhade Call Girls Just Call 7001035870 [ Cash on Delivery ] ...
 
UNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISUNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSIS
 
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
 
Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptx
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
 
Introduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptxIntroduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptx
 
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptx
 
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCRCall Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
 
Extrusion Processes and Their Limitations
Extrusion Processes and Their LimitationsExtrusion Processes and Their Limitations
Extrusion Processes and Their Limitations
 
the ladakh protest in leh ladakh 2024 sonam wangchuk.pptx
the ladakh protest in leh ladakh 2024 sonam wangchuk.pptxthe ladakh protest in leh ladakh 2024 sonam wangchuk.pptx
the ladakh protest in leh ladakh 2024 sonam wangchuk.pptx
 
Processing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxProcessing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptx
 
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
 

Port Security

  • 2.  By default, all interfaces on a Cisco switch are turned on.  That means that an attacker could connect to your network through a wall socket and potentially threaten your network.  If you know which devices will be connected to which ports, you can use the Cisco security feature called port security.  By using port security, a network administrator can associate specific MAC addresses with the interface, which can prevent an attacker to connect his device.  This way you can restrict access to an interface so that only the authorized devices can use it. If an unauthorized device is connected, you can decide what action the switch will take, for example discarding the traffic and shutting down the port.
  • 3.  To configure port security, three steps are required: 1. Define the interface as an access interface by using the switchport mode access interface subcommand 2. Enable port security by using the switchport port- security interface subcommand 3. Define which MAC addresses are allowed to send frames through this interface by using the switchport port-security mac-address MAC_ADDRESS interface subcommand or using the swichport port-security mac-address sticky interface subcommand to dynamically learn the MAC address of the currently connected host
  • 4.  Two steps are optional: 1. Define what action the switch will take when receiving a frame from an unauthorized device by using the port security violation {protect | restrict | shutdown} interface subcommand. All three options discards the traffic from the unauthorized device. The restrict and shutdown options send a log messages when a violation occurs. Shut down mode also shuts down the port. 2. Define the maximum number of MAC addresses that can be used on the port by using the switchport port-security maximum NUMBER interface submode command
  • 5.  The following example shows the configuration of port security on a Cisco switch:
  • 6.  First, we need to enable port security and define which MAC addresses are allowed to send frames:
  • 7.  Next, by using the show port-security interface fa0/1 we can see that the switch has learned the MAC address of host A:
  • 8.  By default, the maximum number of allowed MAC addresses are one, so if we connect another host to the same port, the security violation will occur:  Status code of „err-disabled“ means that the security violation occurred on the port.  NOTE - to enable the port, we need to use the shutdown and no shutdown interface subcommands