Configuring Port Security - HP ProCurve 6400cl Series Access Security Manual

Configuring Port Security

Using the CLI, you can:
■ Configure port security and edit security settings.
Add or delete devices from the list of authorized addresses for one or more
■
ports.
Clear the Intrusion flag on specific ports
■
Syntax: port-security
[e] <port-list>< learn-mode | address-limit | mac-address | action |
clear-intrusion-flag >
<port-list>: Specifies a list of one or more ports to which
the port-security command applies.
learn-mode < continuous | static | port-access | configured | limited-
continuous >
For the specified port:
• Identifies the method for acquiring authorized addresses.
• On Series 5300xl switches, automatically invokes eavesdrop
protection. (Refer to "Eavesdrop Protection (Series 5300xl Switches)"
on page 11-5.)
continuous (Default): Appears in the factory-default setting
or when you execute no port-security
addresses from the device(s) to which it is connected. In
this state, the port accepts traffic from any device(s) to
which it is connected. Addresses learned in the learn
continuous mode will "age out" and be automatically
deleted if they are not used regularly. The default age time
is five minutes.
Addresses learned this way appear in the switch and port
address tables and age out according to the MAC Age Interval
in the System Information configuration screen of the
Menu interface or the show system-information listing. You
can set the MAC age out time using the CLI, SNMP, Web,
or menu interfaces. For more information on the mac-age-
time command refer to the chapter titled "Interface Access
and System Information" in the Management and
Configuration Guide for your switch.
— Continued —
Configuring and Monitoring Port Security
Allows the port to learn
.
Port Security
11-11