0% found this document useful (0 votes)

121 views13 pages

Port Security

The document discusses configuring and verifying port security on Cisco switches. It covers enabling port security on interfaces, setting maximum MAC addresses and violations, learning MAC addresses dynamically, recovering from port security violations, and commands for verifying port security configuration and status.

Uploaded by

Tri Le

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PPTX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

121 views13 pages

Port Security

Uploaded by

Tri Le

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PPTX, PDF, TXT or read online on Scribd

You are on page 1/ 13

Port Security

down up errdisable Administrative down

A B

S(config)# interface fa0/1 S(config-if)# switchport mode access S(config-if)# switchport port-security S(config-if)# switchport port-security maximum 1 S(config-if)# switchport port-security mac-address 0000.0001.000A S(config-if)# switchport port-security violation shutdown

2007 Cisco Systems, Inc. All rights reserved.

ICND1 v1.02-1

Port Security
B A
up

S(config)# interface fa0/1 S(config-if)# switchport mode access S(config-if)# switchport port-security S(config-if)# switchport port-security S(config-if)# switchport port-security S(config-if)# switchport port-security S(config-if)# switchport port-security

maximum 2 mac-address 0000.0001.000A mac-address 0000.0001.000B violation shutdown

2007 Cisco Systems, Inc. All rights reserved.

ICND1 v1.02-2

Port Security
C B A
up

maximum 2 mac-address 0000.0001.000A mac-address 0000.0001.000B violation shutdown

2007 Cisco Systems, Inc. All rights reserved.

ICND1 v1.02-3

Port Security
B A
up

S(config)# interface fa0/1 S(config-if)# switchport mode access S(config-if)# switchport port-security S(config-if)# switchport port-security maximum 2 S(config-if)# switchport port-security mac-address sticky S(config-if)# switchport port-security violation shutdown

Switch t ng hoc n MAC u tin bng cach cm ln lt n PC, ri ping t PC

Port Security
B A
up

maximum 2 mac-address 0000.0001.000A mac-address sticky violation shutdown

Switch t ng hoc n MAC u tin bng cach cm ln lt n PC, ri ping t PC

Port Security
up down

B A

default violation is shutdown

Port Security
up

B A

maximum 2 mac-address 0000.0001.000A mac-address 0000.0001.000B violation restrict

drop frame, phat syslog

Port Security
up

B A

maximum 2 mac-address 0000.0001.000A mac-address 0000.0001.000B violation protect

drop frame, no syslog

Recovery Port Security

down up

A B

S(config)# interface fa0/1 S(config-if)# shutdown S(config-if)# no shutdown

ICND1 v1.02-9

Securing Unused Ports

down up

B A

S(config)# errdisable detect cause all S(config)# errdisable recovery cause all S(config)# errdisable recovery interval 30

ICND1 v1.02-10

Verifying Port Security

SwitchX# show port-security interface f0/5 Port Security : Enabled Port Status : Secure-up Violation Mode : Shutdown Aging Time : 20 mins Aging Type : Absolute SecureStatic Address Aging : Disabled Maximum MAC Addresses : 1 Total MAC Addresses : 1 Configured MAC Addresses : 0 Sticky MAC Addresses : 0 Last Source Address : 0000.0000.0000 Security Violation Count : 0

ICND1 v1.02-11

Verifying Port Security

SwitchX# show port-security address Secure Mac Address Table ----------------------------------------------------------------Vlan Mac Address Type Ports Remaining Age (mins) --------------------------------1 0008.dddd.eeee SecureConfigured Fa0/5 ----------------------------------------------------------------Total Addresses in System (excluding one mac per port) : 0 Max Addresses limit in System (excluding one mac per port) : 1024

ICND1 v1.02-12

Verifying Port Security

SW1# show interface status err-disabled Port Name Status Reason Err-disabled Vlans Fa0/2 err-disabled port-security

ICND1 v1.02-13

Network Security All-in-one: ASA Firepower WSA Umbrella VPN ISE Layer 2 Security
From Everand
Network Security All-in-one: ASA Firepower WSA Umbrella VPN ISE Layer 2 Security
Redouane MEDDANE
No ratings yet
Cisco CCNA Command Guide: An Introductory Guide for CCNA & Computer Networking Beginners: Computer Networking, #3
From Everand
Cisco CCNA Command Guide: An Introductory Guide for CCNA & Computer Networking Beginners: Computer Networking, #3
Ramon Nastase
4.5/5 (2)
ICND120S03
No ratings yet
ICND120S03
60 pages
Port Security & Switchport Redundant
No ratings yet
Port Security & Switchport Redundant
16 pages
Understanding Switch Security: Ethernet Lans
No ratings yet
Understanding Switch Security: Ethernet Lans
12 pages
Layer 2 Security-NEW
No ratings yet
Layer 2 Security-NEW
33 pages
Chapter 5 - Switch Configuration With Voice
No ratings yet
Chapter 5 - Switch Configuration With Voice
26 pages
6.2 - Switches Port Security
No ratings yet
6.2 - Switches Port Security
7 pages
How To Configure Port Security Cisco
No ratings yet
How To Configure Port Security Cisco
3 pages
Port Security
No ratings yet
Port Security
4 pages
Layer 2 Security
No ratings yet
Layer 2 Security
31 pages
Configure Switch Security: Addressing Table
No ratings yet
Configure Switch Security: Addressing Table
5 pages
Port Security in Switching
No ratings yet
Port Security in Switching
5 pages
SRWE Module 11
100% (1)
SRWE Module 11
48 pages
Topic 5.0 Switch Security (Part 2)
No ratings yet
Topic 5.0 Switch Security (Part 2)
41 pages
SRWE - Module - 11-Switch Security Configuration-Modified
100% (1)
SRWE - Module - 11-Switch Security Configuration-Modified
45 pages
SRWE - Module - 11 - Switch Security Configurations
No ratings yet
SRWE - Module - 11 - Switch Security Configurations
42 pages
Port Security and Configuration
No ratings yet
Port Security and Configuration
2 pages
Cisco Switch Port Security Configuration and Best Practices
No ratings yet
Cisco Switch Port Security Configuration and Best Practices
6 pages
Understanding Switch Security: Ethernet Lans
No ratings yet
Understanding Switch Security: Ethernet Lans
12 pages
Basic Router Security Confiruration
No ratings yet
Basic Router Security Confiruration
30 pages
CH 08
No ratings yet
CH 08
31 pages
CCNA Workbook Port Security v1.0
No ratings yet
CCNA Workbook Port Security v1.0
8 pages
Port Security
No ratings yet
Port Security
12 pages
13-F - W Config, VPN Config, IOS IPS Configuration, Hardware F - w-14-03-2024
No ratings yet
13-F - W Config, VPN Config, IOS IPS Configuration, Hardware F - w-14-03-2024
7 pages
ICND1 CH - 7
No ratings yet
ICND1 CH - 7
62 pages
Port Security & Configuration
No ratings yet
Port Security & Configuration
20 pages
Lec10 Switch Security Configuration Aaaa
No ratings yet
Lec10 Switch Security Configuration Aaaa
36 pages
Interop
No ratings yet
Interop
6 pages
Swtching
No ratings yet
Swtching
2 pages
11.port Security-Storm Control-Spoofing Attack Mitigating
No ratings yet
11.port Security-Storm Control-Spoofing Attack Mitigating
30 pages
11.port Security-Storm Control-Spoofing Attack Mitigating
No ratings yet
11.port Security-Storm Control-Spoofing Attack Mitigating
30 pages
Basic Switch/Router Configuration & Security (Ref Chapter 9 - ICND1)
No ratings yet
Basic Switch/Router Configuration & Security (Ref Chapter 9 - ICND1)
26 pages
Module 11 - Switch Security Configuration - Part1
No ratings yet
Module 11 - Switch Security Configuration - Part1
23 pages
SRWE Module 11
No ratings yet
SRWE Module 11
42 pages
2.2.4.11 Lab - Configuring Switch Security Features - ILM
100% (1)
2.2.4.11 Lab - Configuring Switch Security Features - ILM
15 pages
6.3.1.2 Packet Tracer - Layer 2 Security
100% (1)
6.3.1.2 Packet Tracer - Layer 2 Security
5 pages
Securing Devices - Port Security LAB
No ratings yet
Securing Devices - Port Security LAB
4 pages
Basic Router
No ratings yet
Basic Router
5 pages
F OZV7 HEIMFxk X8 B O3 H HBD Sy 6 Iqv 5 Gil Bnmuzux 5 L
No ratings yet
F OZV7 HEIMFxk X8 B O3 H HBD Sy 6 Iqv 5 Gil Bnmuzux 5 L
9 pages
2.2.4.11 Lab - Configuring Switch Security Features - Scribd
No ratings yet
2.2.4.11 Lab - Configuring Switch Security Features - Scribd
9 pages
Understanding Switch Security Issues: Minimizing Service Loss and Data Theft in A Campus Network
No ratings yet
Understanding Switch Security Issues: Minimizing Service Loss and Data Theft in A Campus Network
69 pages
5.2.2.9 Lab - Configuring Switch Security Features
No ratings yet
5.2.2.9 Lab - Configuring Switch Security Features
10 pages
Port Security
No ratings yet
Port Security
13 pages
5 2 2 9 Lab Configuring Switch Security Features ILM
No ratings yet
5 2 2 9 Lab Configuring Switch Security Features ILM
16 pages
Kjhgtyujnbhjkmnbvftgyhjk, MNBV
No ratings yet
Kjhgtyujnbhjkmnbvftgyhjk, MNBV
7 pages
IA17A DE160210 CaoXuanThien Module1 BasicSwitchConfiguration
No ratings yet
IA17A DE160210 CaoXuanThien Module1 BasicSwitchConfiguration
13 pages
Apuntes CCNA Security
No ratings yet
Apuntes CCNA Security
7 pages
CCNA Security v.2 - PT - For Checking
No ratings yet
CCNA Security v.2 - PT - For Checking
13 pages
Chapter 8 - Switch Configuration
No ratings yet
Chapter 8 - Switch Configuration
26 pages
Chapter 5: Switch Configuration: Routing and Switching Essentials v6.0
No ratings yet
Chapter 5: Switch Configuration: Routing and Switching Essentials v6.0
39 pages
7.1 Implement Port Security
No ratings yet
7.1 Implement Port Security
20 pages
Switchport Port Security Explained With Examples
No ratings yet
Switchport Port Security Explained With Examples
10 pages
Help With Commands
No ratings yet
Help With Commands
1 page
5.2.2.9 Lab - Configuring Switch Security Features - Solution
No ratings yet
5.2.2.9 Lab - Configuring Switch Security Features - Solution
16 pages
Port Security: Lab Summary
0% (1)
Port Security: Lab Summary
2 pages
02 - CK - Securing Network Devices
No ratings yet
02 - CK - Securing Network Devices
64 pages
Network with Practical Labs Configuration: Step by Step configuration of Router and Switch configuration
From Everand
Network with Practical Labs Configuration: Step by Step configuration of Router and Switch configuration
Mulayam Singh
No ratings yet
CISCO PACKET TRACER LABS: Best practice of configuring or troubleshooting Network
From Everand
CISCO PACKET TRACER LABS: Best practice of configuring or troubleshooting Network
Mulayam Singh
No ratings yet
DH67CL Product Guide 02 English
No ratings yet
DH67CL Product Guide 02 English
78 pages
How To Program Delphi 3
No ratings yet
How To Program Delphi 3
448 pages
CSC211, Hand Outs
No ratings yet
CSC211, Hand Outs
107 pages
The New IBM z13 PART 1 - SHARE Feb21a2014
No ratings yet
The New IBM z13 PART 1 - SHARE Feb21a2014
56 pages
Pwa Install Guide
No ratings yet
Pwa Install Guide
4 pages
Master Guide For-SAP DBM-800
No ratings yet
Master Guide For-SAP DBM-800
29 pages
Netbackup - Difference Between Multiplexing and Multi Streaming
No ratings yet
Netbackup - Difference Between Multiplexing and Multi Streaming
2 pages
Pipelining in Computer Architecture
No ratings yet
Pipelining in Computer Architecture
46 pages
MT6737M Android Scatter
No ratings yet
MT6737M Android Scatter
8 pages
Computer Studies MS
No ratings yet
Computer Studies MS
3 pages
Lab Manual Cloud Computing PDF
No ratings yet
Lab Manual Cloud Computing PDF
12 pages
HUAWEI SP - Flash - Tool Upgrade Firmware Guidance
No ratings yet
HUAWEI SP - Flash - Tool Upgrade Firmware Guidance
10 pages
Module 2
No ratings yet
Module 2
44 pages
Technical Interview Questions - Active Directory
No ratings yet
Technical Interview Questions - Active Directory
4 pages
Pradnya Pramod Mohite: Budget Management App
No ratings yet
Pradnya Pramod Mohite: Budget Management App
22 pages
B XLZ Z2 RZ ZW9 Q MDEz NZ Y0 MTC 2 MQ
No ratings yet
B XLZ Z2 RZ ZW9 Q MDEz NZ Y0 MTC 2 MQ
2 pages
Source Code: 1. Create A Series From An Ndarray and A Dictionary of Values
No ratings yet
Source Code: 1. Create A Series From An Ndarray and A Dictionary of Values
28 pages
Dabur's Spoonful of The Cloud - As Sweet As It's Honey! - CIO Research Center
No ratings yet
Dabur's Spoonful of The Cloud - As Sweet As It's Honey! - CIO Research Center
6 pages
CAView Extract Users Guide
No ratings yet
CAView Extract Users Guide
14 pages
Readme
No ratings yet
Readme
8 pages
How To Clone A Git Repository - Devconnected
No ratings yet
How To Clone A Git Repository - Devconnected
9 pages
Iphone OS Programming Guide - Introduction
No ratings yet
Iphone OS Programming Guide - Introduction
3 pages
Introduction To Programming: Tutorial Task 2.2: Using Functions (Hello User With Functions)
No ratings yet
Introduction To Programming: Tutorial Task 2.2: Using Functions (Hello User With Functions)
4 pages
Spare Parts Catalog: Machine Type: Vip Iii 46 / Vip Iii 47 Gaming Platform: Various Game Software: Various
No ratings yet
Spare Parts Catalog: Machine Type: Vip Iii 46 / Vip Iii 47 Gaming Platform: Various Game Software: Various
14 pages
Normalization Activity
No ratings yet
Normalization Activity
4 pages
Netezza Fundamentals PDF
No ratings yet
Netezza Fundamentals PDF
60 pages
Core Developers
No ratings yet
Core Developers
92 pages
Lecture12 PDF
No ratings yet
Lecture12 PDF
9 pages
Practical-6
No ratings yet
Practical-6
7 pages
Virtual Machine Seminar
No ratings yet
Virtual Machine Seminar
37 pages

Port Security

Uploaded by

Port Security

Uploaded by

Port Security

down up errdisable Administrative down

2007 Cisco Systems, Inc. All rights reserved.

maximum 2 mac-address 0000.0001.000A mac-address 0000.0001.000B violation shutdown

2007 Cisco Systems, Inc. All rights reserved.

maximum 2 mac-address 0000.0001.000A mac-address 0000.0001.000B violation shutdown

2007 Cisco Systems, Inc. All rights reserved.

Switch t ng hoc n MAC u tin bng cach cm ln lt n PC, ri ping t PC

maximum 2 mac-address 0000.0001.000A mac-address sticky violation shutdown

Switch t ng hoc n MAC u tin bng cach cm ln lt n PC, ri ping t PC

default violation is shutdown

maximum 2 mac-address 0000.0001.000A mac-address 0000.0001.000B violation restrict

drop frame, phat syslog

maximum 2 mac-address 0000.0001.000A mac-address 0000.0001.000B violation protect

drop frame, no syslog

Recovery Port Security

S(config)# interface fa0/1 S(config-if)# shutdown S(config-if)# no shutdown

2007 Cisco Systems, Inc. All rights reserved.

Securing Unused Ports

2007 Cisco Systems, Inc. All rights reserved.

Verifying Port Security

2007 Cisco Systems, Inc. All rights reserved.

Verifying Port Security

2007 Cisco Systems, Inc. All rights reserved.

Verifying Port Security

2007 Cisco Systems, Inc. All rights reserved.

You might also like