Cisco SR224T Administration Guide - Page 238

Configuring Security Configuring Port Security 17 • Interface-Select the port for which storm control is enabled. • Storm Control-Select to enable Storm Control. • Storm Control Rate Threshold-Enter the maximum rate at which unknown packets can be forwarded. The default for this threshold is 10,000 for FE devices and 100,000 for GE devices. • Storm Control Mode-Select one of the modes: - Unknown Unicast, Multicast & Broadcast-Counts unknown Unicast, Broadcast, and Multicast traffic towards the bandwidth threshold. - Multicast & Broadcast-Counts Broadcast and Multicast traffic towards the bandwidth threshold. - Broadcast Only-Counts only Broadcast traffic towards the bandwidth threshold. STEP 4 Click Apply. Storm control is modified, and the Running Configuration file is updated. Configuring Port Security Network security can be increased by limiting access on a port to users with specific MAC addresses. The MAC addresses can be either dynamically learned or statically configured. Port security monitors received and learned packets. Access to locked ports is limited to users with specific MAC addresses. Port Security has four modes: • Classic Lock-All learned MAC addresses on the port are locked, and the port does not learn any new MAC addresses. The learned addresses are not subject to aging or re-learning. • Limited Dynamic Lock-The switch learns MAC addresses up to the configured limit of allowed addresses. After the limit is reached, the switch does not learn additional addresses. In this mode, the addresses are subject to aging and re-learning. • Secure Permanent-Keeps the current dynamic MAC addresses associated with the port and learns up to the maximum number of Cisco Small Business 200 Series Smart Switch Administration Guide 239