Home » TP-Link Manuals » Hubs & Switches » TP-Link TL-SL5428E » Manual Viewer

TP-Link TL-SL5428E User Guide - Page 48

Port Security

UPC - 845973020873

Add to My Manuals
Save this manual to your list of manuals

Page 48 highlights

Note: 1. The LAG member can not be selected as the mirrored port or mirroring port. 2. A port can not be set as the mirrored port and the mirroring port simultaneously. 3. The Port Mirror function can take effect span the multiple VLANs. 7.1.3 Port Security MAC Address Table maintains the mapping relationship between the port and the MAC address of the connected device, which is the base of the packet forwarding. The capacity of MAC Address Table is fixed. MAC Address Attack is the attack method that the attacker takes to obtain the network information illegally. The attacker uses tools to generate the cheating MAC address and quickly occupy the MAC Address Table. When the MAC Address Table is full, the switch will broadcast the packets to all the ports. At this moment, the attacker can obtain the network information via various sniffers and attacks. When the MAC Address Table is full, the packets traffic will flood to all the ports, which results in overload, lower speed, packets drop and even breakdown of the system. Port Security is to protect the switch from the malicious MAC Address Attack by limiting the maximum number of MAC addresses that can be learned on the port. The port with Port Security feature enabled will learn the MAC address dynamically. When the learned MAC address number reaches the maximum, the port will stop learning. Thereafter, the other devices with the MAC address unlearned can not access to the network via this port. Choose the menu Switching→Port→Port Security to load the following page. Figure 7-3 Port Security The following entries are displayed on this screen: ¾ Port Security 40

Section	Page
Package Contents	9
Chapter 1 About this Guide	10
1.1 Intended Readers	10
1.2 Conventions	10
1.3 Overview of This Guide	10
Chapter 2 Introduction	14
2.3.1 Front Panel	15
2.3.2 Rear Panel	16
Chapter 3 Installation	17
3.1 Precautions	17
3.2 Installation	17
3.2.1 Desktop Installation	18
3.2.2 Rack Installation	18
3.3 Connect to Ground	19
Chapter 4 Connection	22
4.1 Ethernet Ports	22
4.2 SFP Ports	22
4.3 Console Port	23
4.4 Power On	24
Chapter 5 Login to the Switch	25
5.1 Login	25
5.2 Configuration	25
Chapter 6 System	27
6.1 System Info	27
6.1.1 System Summary	27
6.1.2 Device Description	29
6.1.3 System Time	30
6.1.4 System IP	31
6.2 User Manage	32
6.2.1 User Table	32
6.2.2 User Config	32
6.3 System Tools	34
6.3.1 Config Restore	34
6.3.2 Config Backup	34
6.3.3 Firmware Upgrade	35
6.3.4 System Reboot	36
6.3.5 System Reset	36
6.4 Access Security	36
6.4.1 Access Control	36
6.4.2 SSL Config	38
6.4.3 SSH Config	39
Chapter 7 Switching	45
7.1 Port	45
7.1.1 Port Config	45
7.1.2 Port Mirror	46
7.1.3 Port Security	48
7.2 LAG	49
7.2.1 LAG Table	50
7.2.2 Static LAG	51
7.2.3 LACP Config	52
7.3 Traffic Monitor	54
7.3.1 Traffic Summary	54
7.3.2 Traffic Statistics	55
7.4 MAC Address	56
7.4.1 Address Table	57
7.4.2 Static Address	59
7.4.3 Dynamic Address	60
7.4.4 Filtering Address	62
Chapter 8 VLAN	64
8.1 802.1Q VLAN	65
8.1.1 VLAN Config	67
8.1.2 Port Config	69
8.2 MAC VLAN	71
8.2.1 MAC VLAN	71
8.2.2 Port Enable	72
8.3 Protocol VLAN	73
8.3.1 Protocol VLAN	74
8.3.2 Protocol Template	74
8.3.3 Port Enable	75
8.4 VLAN VPN	76
8.4.1 VPN Config	77
8.4.2 VLAN Mapping	78
8.4.3 Port Enable	79
8.5 GVRP	80
Chapter 9 Spanning Tree	84
9.1 STP Config	89
9.1.1 STP Config	89
9.1.2 STP Summary	91
9.2 Port Config	92
9.3 MSTP Instance	94
9.3.1 Region Config	94
9.3.2 Instance Config	95
9.3.3 Instance Port Config	96
9.4 STP Security	98
9.4.1 Port Protect	98
9.4.2 TC Protect	101
9.5 Application Example for STP Function	102
Chapter 10 Multicast	106
10.1 IGMP Snooping	108
10.1.1 Snooping Config	109
10.1.2 Port Config	110
10.1.3 VLAN Config	111
10.1.4 Multicast VLAN	113
10.2 Multicast IP	116
10.2.1 Multicast IP Table	117
10.2.2 Static Multicast IP	117
10.3 Multicast Filter	118
10.3.1 IP-Range	119
10.3.2 Port Filter	120
10.4 Packet Statistics	121
Chapter 11 QoS	123
11.1 DiffServ	126
11.1.1 Port Priority	126
11.1.2 Schedule Mode	127
11.1.3 802.1P Priority	128
11.1.4 DSCP Priority	129
11.2 Bandwidth Control	131
11.2.1 Rate Limit	131
11.2.2 Storm Control	132
11.3 Voice VLAN	133
11.3.1 Global Config	135
11.3.2 Port Config	136
11.3.3 OUI Config	137
Chapter 12 ACL	139
12.1 Time-Range	139
12.1.1 Time-Range Summary	139
12.1.2 Time-Range Create	140
12.1.3 Holiday Config	141
12.2 ACL Config	141
12.2.1 ACL Summary	142
12.2.2 ACL Create	142
12.2.3 MAC ACL	143
12.2.4 Standard-IP ACL	144
12.2.5 Extend-IP ACL	145
12.3 Policy Config	146
12.3.1 Policy Summary	146
12.3.2 Policy Create	147
12.3.3 Action Create	147
12.4 Policy Binding	149
12.4.1 Binding Table	149
12.4.2 Port Binding	149
12.4.3 VLAN Binding	150
Chapter 13 Network Security	154
13.1 IP-MAC Binding	154
13.1.1 Binding Table	154
13.1.2 Manual Binding	155
13.1.3 ARP Scanning	157
13.1.4 DHCP Snooping	158
13.2 ARP Inspection	164
13.2.1 ARP Detect	168
13.2.2 ARP Defend	169
13.2.3 ARP Statistics	170
13.5 802.1X	175
13.5.1 Global Config	179
13.5.2 Port Config	181
13.5.3 Radius Server	182
Chapter 14 SNMP	184
14.1 SNMP Config	186
14.1.1 Global Config	186
14.1.2 SNMP View	187
14.1.3 SNMP Group	188
14.1.4 SNMP User	189
14.1.5 SNMP Community	191
14.2 Notification	193
14.3 RMON	195
14.3.1 History Control	196
14.3.2 Event Config	196
14.3.3 Alarm Config	197
Chapter 15 Cluster	200
15.1 NDP	201
15.1.1 Neighbor Info	201
15.1.2 NDP Summary	202
15.1.3 NDP Config	204
15.2 NTDP	205
15.2.1 Device Table	205
15.2.2 NTDP Summary	206
15.2.3 NTDP Config	208
15.3 Cluster	209
15.3.1 Cluster Summary	209
15.3.2 Cluster Config	212
15.3.3 Member Config	214
15.3.4 Cluster Topology	215
15.4 Application Example for Cluster Function	217
Chapter 16 Maintenance	220
16.1 System Monitor	220
16.1.1 CPU Monitor	220
16.1.2 Memory Monitor	221
16.2 Log	222
16.2.1 Log Table	223
16.2.2 Local Log	223
16.2.3 Remote Log	224
16.2.4 Backup Log	225
16.3 Device Diagnose	226
16.3.1 Cable Test	226
16.3.2 Loopback	227
16.4 Network Diagnose	227
16.4.1 Ping	227
16.4.2 Tracert	228
Chapter 17 System Maintenance via FTP	230
Appendix A: Specifications	235
Appendix B: Configuring the PCs	236
Appendix C: 802.1X Client Software	239

Match case Limit results 1 per page

Note:

The LAG member can not be selected as the mirrored port or mirroring port.

A port can not be set as the mirrored port and the mirroring port simultaneously.

The Port Mirror function can take effect span the multiple VLANs.

7.1.3 Port Security

MAC Address Table maintains the mapping relationship between the port and the MAC address of

the connected device, which is the base of the packet forwarding. The capacity of MAC Address

Table is fixed. MAC Address Attack is the attack method that the attacker takes to obtain the

network information illegally. The attacker uses tools to generate the cheating MAC address and

quickly occupy the MAC Address Table. When the MAC Address Table is full, the switch will

broadcast the packets to all the ports. At this moment, the attacker can obtain the network

information via various sniffers and attacks. When the MAC Address Table is full, the packets

traffic will flood to all the ports, which results in overload, lower speed, packets drop and even

breakdown of the system.

Port Security is to protect the switch from the malicious MAC Address Attack by limiting the

maximum number of MAC addresses that can be learned on the port. The port with Port Security

feature enabled will learn the MAC address dynamically. When the learned MAC address number

reaches the maximum, the port will stop learning. Thereafter, the other devices with the MAC

address unlearned can not access to the network via this port.

Choose the menu

Switching

→

Port

→

Port Security

to load the following page.

Figure 7-3 Port Security

The following entries are displayed on this screen:

Port Security