Netgear FS728TLP Web Management User Guide - Page 170
Enable Port Security Globally, Con Port Security for Ports and LAGs
View all Netgear FS728TLP manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 170 highlights
ProSAFE FS526Tv2, FS726Tv2, and FS728TLP Smart Switches Enable Port Security Globally To enable port security globally: 1. Select Security > Traffic Control > Port Security > Port Security Configuration. The Port Security Configuration screen displays. 2. Next to Port Security Mode, select the Enable button. By default, port security is disabled. 3. Click the Apply button. The settings are saved. Note: For information about port security violations, see View Security Violations on page 174. Configure Port Security for Ports and LAGs On a port or LAG that is configured for port security (that is, the port or LAG is locked), the MAC addresses that are allowed can be both dynamic and static MAC addresses: • Dynamic locking. This method implements a first-arrival mechanism for port security. You specify how many addresses the locked port can learn. If the limit has not been reached, the port learns a packet with an unknown source MAC address and forwards it normally. When the limit is reached, the port can no longer learn MAC addresses and discards any packets with source MAC addresses that it has not already learned. You can effectively disable dynamic locking by setting the number of allowable dynamic entries to zero. • Static locking. This method lets you convert dynamically learned MAC addresses to static MAC addresses that are allowed on a locked port. The behavior of packets is the same as for dynamic locking: The port forwards only packets with an allowed source MAC address. Manage RADIUS and Port Authentication and Traffic Control 170