SlideShare uma empresa Scribd logo

Port Security

NetProtocol Xpert
NetProtocol Xpert

Port Security

Engenharia
1 de 8
www.netprotocolxpert.in
 By default, all interfaces on a Cisco switch are turned on.  That means that an attacker could connect to your network through a wall socket and potentially threaten your network.  If you know which devices will be connected to which ports, you can use the Cisco security feature called port security.  By using port security, a network administrator can associate specific MAC addresses with the interface, which can prevent an attacker to connect his device.  This way you can restrict access to an interface so that only the authorized devices can use it. If an unauthorized device is connected, you can decide what action the switch will take, for example discarding the traffic and shutting down the port.
 To configure port security, three steps are required: 1. Define the interface as an access interface by using the switchport mode access interface subcommand 2. Enable port security by using the switchport port- security interface subcommand 3. Define which MAC addresses are allowed to send frames through this interface by using the switchport port-security mac-address MAC_ADDRESS interface subcommand or using the swichport port-security mac-address sticky interface subcommand to dynamically learn the MAC address of the currently connected host
 Two steps are optional: 1. Define what action the switch will take when receiving a frame from an unauthorized device by using the port security violation {protect | restrict | shutdown} interface subcommand. All three options discards the traffic from the unauthorized device. The restrict and shutdown options send a log messages when a violation occurs. Shut down mode also shuts down the port. 2. Define the maximum number of MAC addresses that can be used on the port by using the switchport port-security maximum NUMBER interface submode command
 The following example shows the configuration of port security on a Cisco switch:
 First, we need to enable port security and define which MAC addresses are allowed to send frames:
 Next, by using the show port-security interface fa0/1 we can see that the switch has learned the MAC address of host A:
 By default, the maximum number of allowed MAC addresses are one, so if we connect another host to the same port, the security violation will occur:  Status code of „err-disabled“ means that the security violation occurred on the port.  NOTE - to enable the port, we need to use the shutdown and no shutdown interface subcommands

Recomendados

Switching and Port Security
Switching and Port Security Switching and Port Security
Switching and Port Securityusman19
 
Network Security- port security.pptx
Network Security- port security.pptxNetwork Security- port security.pptx
Network Security- port security.pptxSulSya
 
How to configure port security in cisco switch
How to configure port security in cisco switchHow to configure port security in cisco switch
How to configure port security in cisco switchIT Tech
 
Firewall
FirewallFirewall
FirewallApo
 
Common Layer 2 Threats, Attacks & Mitigation
Common Layer 2 Threats, Attacks & MitigationCommon Layer 2 Threats, Attacks & Mitigation
Common Layer 2 Threats, Attacks & MitigationNetProtocol Xpert
 
Ethernet protocol
Ethernet protocolEthernet protocol
Ethernet protocolTom Chou
 
FIREWALL
FIREWALL FIREWALL
FIREWALL Akash R
 
Firewall
FirewallFirewall
FirewallSaurabh Chauhan
 

Recomendados

Switching and Port Security
Switching and Port Security Switching and Port Security
Switching and Port Securityusman19
 
Network Security- port security.pptx
Network Security- port security.pptxNetwork Security- port security.pptx
Network Security- port security.pptxSulSya
 
How to configure port security in cisco switch
How to configure port security in cisco switchHow to configure port security in cisco switch
How to configure port security in cisco switchIT Tech
 
Firewall
FirewallFirewall
FirewallApo
 
Common Layer 2 Threats, Attacks & Mitigation
Common Layer 2 Threats, Attacks & MitigationCommon Layer 2 Threats, Attacks & Mitigation
Common Layer 2 Threats, Attacks & MitigationNetProtocol Xpert
 
Ethernet protocol
Ethernet protocolEthernet protocol
Ethernet protocolTom Chou
 
FIREWALL
FIREWALL FIREWALL
FIREWALL Akash R
 
Firewall
FirewallFirewall
FirewallSaurabh Chauhan
 
11 palo alto user-id concepts
11 palo alto user-id concepts11 palo alto user-id concepts
11 palo alto user-id conceptsMostafa El Lathy
 
System hacking
System hackingSystem hacking
System hackingCAS
 
Network security
Network securityNetwork security
Network securityEstiak Khan
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 
6 pan-os software update & downgrade instruction
6 pan-os software update & downgrade instruction6 pan-os software update & downgrade instruction
6 pan-os software update & downgrade instructionMostafa El Lathy
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationyogendrasinghchahar
 
CCNA 2 Routing and Switching v5.0 Chapter 7
CCNA 2 Routing and Switching v5.0 Chapter 7CCNA 2 Routing and Switching v5.0 Chapter 7
CCNA 2 Routing and Switching v5.0 Chapter 7Nil Menon
 
Network security
Network securityNetwork security
Network securityquest university nawabshah
 
Firewall
Firewall Firewall
Firewall Amuthavalli Nachiyar
 
Spanning tree protocol
Spanning tree protocolSpanning tree protocol
Spanning tree protocolMuuluu
 
OSI Security Architecture
OSI Security ArchitectureOSI Security Architecture
OSI Security Architectureuniversity of education,Lahore
 
Mitigating Layer2 Attacks
Mitigating Layer2 AttacksMitigating Layer2 Attacks
Mitigating Layer2 Attacksdkaya
 
Network security
Network securityNetwork security
Network securitymena kaheel
 
Siri bootcamp
Siri bootcampSiri bootcamp
Siri bootcampsirikeshava
 
CCNA 2 Routing and Switching v5.0 Chapter 4
CCNA 2 Routing and Switching v5.0 Chapter 4CCNA 2 Routing and Switching v5.0 Chapter 4
CCNA 2 Routing and Switching v5.0 Chapter 4Nil Menon
 
Firewall basics
Firewall basicsFirewall basics
Firewall basicsFredrick Hall
 
Understanding and Preventing Layer 2 Attacks
Understanding and Preventing Layer 2 AttacksUnderstanding and Preventing Layer 2 Attacks
Understanding and Preventing Layer 2 AttacksTien Dung
 
Fortigate Training
Fortigate TrainingFortigate Training
Fortigate TrainingNCS Computech Ltd.
 
WPA 3
WPA 3WPA 3
WPA 3diggu22
 
Layer 2 switching
Layer 2 switchingLayer 2 switching
Layer 2 switchingNetProtocol Xpert
 
Cisco CCNA Port Security
Cisco CCNA Port SecurityCisco CCNA Port Security
Cisco CCNA Port SecurityHamed Moghaddam
 
Port security
Port securityPort security
Port securityborepatch
 

Mais conteúdo relacionado

Mais procurados

11 palo alto user-id concepts
11 palo alto user-id concepts11 palo alto user-id concepts
11 palo alto user-id conceptsMostafa El Lathy
 
System hacking
System hackingSystem hacking
System hackingCAS
 
Network security
Network securityNetwork security
Network securityEstiak Khan
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 
6 pan-os software update & downgrade instruction
6 pan-os software update & downgrade instruction6 pan-os software update & downgrade instruction
6 pan-os software update & downgrade instructionMostafa El Lathy
 
CCNA 2 Routing and Switching v5.0 Chapter 7
CCNA 2 Routing and Switching v5.0 Chapter 7CCNA 2 Routing and Switching v5.0 Chapter 7
CCNA 2 Routing and Switching v5.0 Chapter 7Nil Menon
 
Spanning tree protocol
Spanning tree protocolSpanning tree protocol
Spanning tree protocolMuuluu
 
Mitigating Layer2 Attacks
Mitigating Layer2 AttacksMitigating Layer2 Attacks
Mitigating Layer2 Attacksdkaya
 
Network security
Network securityNetwork security
Network securitymena kaheel
 
CCNA 2 Routing and Switching v5.0 Chapter 4
CCNA 2 Routing and Switching v5.0 Chapter 4CCNA 2 Routing and Switching v5.0 Chapter 4
CCNA 2 Routing and Switching v5.0 Chapter 4Nil Menon
 
Understanding and Preventing Layer 2 Attacks
Understanding and Preventing Layer 2 AttacksUnderstanding and Preventing Layer 2 Attacks
Understanding and Preventing Layer 2 AttacksTien Dung
 

Mais procurados (20)

11 palo alto user-id concepts
11 palo alto user-id concepts11 palo alto user-id concepts
11 palo alto user-id concepts
 
System hacking
System hackingSystem hacking
System hacking
 
Network security
Network securityNetwork security
Network security
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
 
6 pan-os software update & downgrade instruction
6 pan-os software update & downgrade instruction6 pan-os software update & downgrade instruction
6 pan-os software update & downgrade instruction
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentation
 
CCNA 2 Routing and Switching v5.0 Chapter 7
CCNA 2 Routing and Switching v5.0 Chapter 7CCNA 2 Routing and Switching v5.0 Chapter 7
CCNA 2 Routing and Switching v5.0 Chapter 7
 
Network security
Network securityNetwork security
Network security
 
Firewall
Firewall Firewall
Firewall
 
Spanning tree protocol
Spanning tree protocolSpanning tree protocol
Spanning tree protocol
 
OSI Security Architecture
OSI Security ArchitectureOSI Security Architecture
OSI Security Architecture
 
Mitigating Layer2 Attacks
Mitigating Layer2 AttacksMitigating Layer2 Attacks
Mitigating Layer2 Attacks
 
Network security
Network securityNetwork security
Network security
 
Siri bootcamp
Siri bootcampSiri bootcamp
Siri bootcamp
 
CCNA 2 Routing and Switching v5.0 Chapter 4
CCNA 2 Routing and Switching v5.0 Chapter 4CCNA 2 Routing and Switching v5.0 Chapter 4
CCNA 2 Routing and Switching v5.0 Chapter 4
 
Firewall basics
Firewall basicsFirewall basics
Firewall basics
 
Understanding and Preventing Layer 2 Attacks
Understanding and Preventing Layer 2 AttacksUnderstanding and Preventing Layer 2 Attacks
Understanding and Preventing Layer 2 Attacks
 
Fortigate Training
Fortigate TrainingFortigate Training
Fortigate Training
 
WPA 3
WPA 3WPA 3
WPA 3
 
Layer 2 switching
Layer 2 switchingLayer 2 switching
Layer 2 switching
 

Destaque

Cisco CCNA Port Security
Cisco CCNA Port SecurityCisco CCNA Port Security
Cisco CCNA Port SecurityHamed Moghaddam
 
Port security
Port securityPort security
Port securityborepatch
 
Ip -subnetting
Ip -subnettingIp -subnetting
Ip -subnettingnithinj54
 
Port Security - Possible Technology Interventions and Solutioning
Port Security - Possible Technology Interventions and SolutioningPort Security - Possible Technology Interventions and Solutioning
Port Security - Possible Technology Interventions and SolutioningAmol Vidwans
 
How to create Security on Cisco switch
How to create Security on Cisco switchHow to create Security on Cisco switch
How to create Security on Cisco switchtcpipguru
 
Africa 24 6 2011 Port Security Pdf
Africa 24 6 2011 Port Security PdfAfrica 24 6 2011 Port Security Pdf
Africa 24 6 2011 Port Security PdfFiroze Hussain
 
Cisco Switch Security
Cisco Switch SecurityCisco Switch Security
Cisco Switch Securitydkaya
 
Mac addresses(media access control)
Mac addresses(media access control)Mac addresses(media access control)
Mac addresses(media access control)Ismail Mukiibi
 
Cisco Router and Switch Security Hardening Guide
Cisco Router and Switch Security Hardening GuideCisco Router and Switch Security Hardening Guide
Cisco Router and Switch Security Hardening GuideHarris Andrea
 
Subnetting Basics Tutorial
Subnetting Basics TutorialSubnetting Basics Tutorial
Subnetting Basics Tutorialmikem801
 
Switching Techniques
Switching TechniquesSwitching Techniques
Switching Techniquestameemyousaf
 
Computer network switching
Computer network switchingComputer network switching
Computer network switchingShivani Godha
 
Medium Access Control
Medium Access ControlMedium Access Control
Medium Access Controlanishgoel
 
Internet protocol (ip) ppt
Internet protocol (ip) pptInternet protocol (ip) ppt
Internet protocol (ip) pptDulith Kasun
 

Destaque (20)

Cisco CCNA Port Security
Cisco CCNA Port SecurityCisco CCNA Port Security
Cisco CCNA Port Security
 
Port security
Port securityPort security
Port security
 
Ip -subnetting
Ip -subnettingIp -subnetting
Ip -subnetting
 
Visual ip subnetting
Visual ip subnettingVisual ip subnetting
Visual ip subnetting
 
Port Security - Possible Technology Interventions and Solutioning
Port Security - Possible Technology Interventions and SolutioningPort Security - Possible Technology Interventions and Solutioning
Port Security - Possible Technology Interventions and Solutioning
 
Container Security Initiative CSI
Container Security Initiative CSIContainer Security Initiative CSI
Container Security Initiative CSI
 
How to create Security on Cisco switch
How to create Security on Cisco switchHow to create Security on Cisco switch
How to create Security on Cisco switch
 
Africa 24 6 2011 Port Security Pdf
Africa 24 6 2011 Port Security PdfAfrica 24 6 2011 Port Security Pdf
Africa 24 6 2011 Port Security Pdf
 
TCP/IP Basics
TCP/IP BasicsTCP/IP Basics
TCP/IP Basics
 
Cisco Switch Security
Cisco Switch SecurityCisco Switch Security
Cisco Switch Security
 
Mac addresses(media access control)
Mac addresses(media access control)Mac addresses(media access control)
Mac addresses(media access control)
 
Cisco Router and Switch Security Hardening Guide
Cisco Router and Switch Security Hardening GuideCisco Router and Switch Security Hardening Guide
Cisco Router and Switch Security Hardening Guide
 
Subnetting Basics Tutorial
Subnetting Basics TutorialSubnetting Basics Tutorial
Subnetting Basics Tutorial
 
Switching
SwitchingSwitching
Switching
 
Switching Techniques
Switching TechniquesSwitching Techniques
Switching Techniques
 
Ip address
Ip addressIp address
Ip address
 
Computer network switching
Computer network switchingComputer network switching
Computer network switching
 
Medium Access Control
Medium Access ControlMedium Access Control
Medium Access Control
 
Ip address and subnetting
Ip address and subnettingIp address and subnetting
Ip address and subnetting
 
Internet protocol (ip) ppt
Internet protocol (ip) pptInternet protocol (ip) ppt
Internet protocol (ip) ppt
 

Semelhante a Port Security

Cisco Switch How To - Secure a Switch Port
Cisco Switch How To - Secure a Switch PortCisco Switch How To - Secure a Switch Port
Cisco Switch How To - Secure a Switch PortIPMAX s.r.l.
 
Switchport port security explained with examples
Switchport port security explained with examplesSwitchport port security explained with examples
Switchport port security explained with examplesteameassefa
 
Configuring dynamic switchport security
Configuring dynamic switchport securityConfiguring dynamic switchport security
Configuring dynamic switchport securityIT Tech
 
Security Concerns in LANs.pptx
Security Concerns in LANs.pptxSecurity Concerns in LANs.pptx
Security Concerns in LANs.pptxjoko
 
Chapter_Five[1].ppt
Chapter_Five[1].pptChapter_Five[1].ppt
Chapter_Five[1].pptBachaSirata
 
How to Configure Port-Security on Cisco Switch for Enhanced Network Security ...
How to Configure Port-Security on Cisco Switch for Enhanced Network Security ...How to Configure Port-Security on Cisco Switch for Enhanced Network Security ...
How to Configure Port-Security on Cisco Switch for Enhanced Network Security ...INFitunes
 
firewalls.ppt
firewalls.pptfirewalls.ppt
firewalls.pptRaj Kumar
 
Attacks and their mitigations
Attacks and their mitigationsAttacks and their mitigations
Attacks and their mitigationsMukesh Chaudhari
 
Ch06-NetworkSecurity2-firewall-tunneling-IDS.ppt
Ch06-NetworkSecurity2-firewall-tunneling-IDS.pptCh06-NetworkSecurity2-firewall-tunneling-IDS.ppt
Ch06-NetworkSecurity2-firewall-tunneling-IDS.pptgocokir267
 
A firewall is a network security device.
A firewall is a network security device.A firewall is a network security device.
A firewall is a network security device.abidhassan225
 
Pertemuan 9 intrusion detection system
Pertemuan 9 intrusion detection systemPertemuan 9 intrusion detection system
Pertemuan 9 intrusion detection systemnewbie2019
 
LAN Switching and Wireless: Ch2 - Basic Switch Concepts and Configuration
LAN Switching and Wireless: Ch2 - Basic Switch Concepts and ConfigurationLAN Switching and Wireless: Ch2 - Basic Switch Concepts and Configuration
LAN Switching and Wireless: Ch2 - Basic Switch Concepts and ConfigurationAbdelkhalik Mosa
 

Semelhante a Port Security (20)

SRWE_Module_11.pptx
SRWE_Module_11.pptxSRWE_Module_11.pptx
SRWE_Module_11.pptx
 
Cisco Switch How To - Secure a Switch Port
Cisco Switch How To - Secure a Switch PortCisco Switch How To - Secure a Switch Port
Cisco Switch How To - Secure a Switch Port
 
Switchport port security explained with examples
Switchport port security explained with examplesSwitchport port security explained with examples
Switchport port security explained with examples
 
Cap2 configuring switch
Cap2 configuring switchCap2 configuring switch
Cap2 configuring switch
 
Configuring dynamic switchport security
Configuring dynamic switchport securityConfiguring dynamic switchport security
Configuring dynamic switchport security
 
Security Concerns in LANs.pptx
Security Concerns in LANs.pptxSecurity Concerns in LANs.pptx
Security Concerns in LANs.pptx
 
Chapter_Five[1].ppt
Chapter_Five[1].pptChapter_Five[1].ppt
Chapter_Five[1].ppt
 
Switch security
Switch securitySwitch security
Switch security
 
How to Configure Port-Security on Cisco Switch for Enhanced Network Security ...
How to Configure Port-Security on Cisco Switch for Enhanced Network Security ...How to Configure Port-Security on Cisco Switch for Enhanced Network Security ...
How to Configure Port-Security on Cisco Switch for Enhanced Network Security ...
 
Netdefender
NetdefenderNetdefender
Netdefender
 
Attack.pptx
Attack.pptxAttack.pptx
Attack.pptx
 
firewalls.ppt
firewalls.pptfirewalls.ppt
firewalls.ppt
 
Net Defender
Net DefenderNet Defender
Net Defender
 
Wp ci securing_layer2
Wp ci securing_layer2Wp ci securing_layer2
Wp ci securing_layer2
 
Attacks and their mitigations
Attacks and their mitigationsAttacks and their mitigations
Attacks and their mitigations
 
Ch06-NetworkSecurity2-firewall-tunneling-IDS.ppt
Ch06-NetworkSecurity2-firewall-tunneling-IDS.pptCh06-NetworkSecurity2-firewall-tunneling-IDS.ppt
Ch06-NetworkSecurity2-firewall-tunneling-IDS.ppt
 
A firewall is a network security device.
A firewall is a network security device.A firewall is a network security device.
A firewall is a network security device.
 
Ch6
Ch6Ch6
Ch6
 
Pertemuan 9 intrusion detection system
Pertemuan 9 intrusion detection systemPertemuan 9 intrusion detection system
Pertemuan 9 intrusion detection system
 
LAN Switching and Wireless: Ch2 - Basic Switch Concepts and Configuration
LAN Switching and Wireless: Ch2 - Basic Switch Concepts and ConfigurationLAN Switching and Wireless: Ch2 - Basic Switch Concepts and Configuration
LAN Switching and Wireless: Ch2 - Basic Switch Concepts and Configuration
 

Mais de NetProtocol Xpert

Basic Cisco ASA 5506-x Configuration (Firepower)
Basic Cisco ASA 5506-x Configuration (Firepower)Basic Cisco ASA 5506-x Configuration (Firepower)
Basic Cisco ASA 5506-x Configuration (Firepower)NetProtocol Xpert
 
Dynamic ARP Inspection (DAI)
Dynamic ARP Inspection (DAI)Dynamic ARP Inspection (DAI)
Dynamic ARP Inspection (DAI)NetProtocol Xpert
 
Securing management, control & data plane
Securing management, control & data planeSecuring management, control & data plane
Securing management, control & data planeNetProtocol Xpert
 
Point to-point protocol (ppp), PAP & CHAP
Point to-point protocol (ppp), PAP & CHAPPoint to-point protocol (ppp), PAP & CHAP
Point to-point protocol (ppp), PAP & CHAPNetProtocol Xpert
 
Avoid DNS lookup when mistyping a command
Avoid DNS lookup when mistyping a commandAvoid DNS lookup when mistyping a command
Avoid DNS lookup when mistyping a commandNetProtocol Xpert
 
TCLSH and Macro Ping Test on Cisco Routers and Switches
TCLSH and Macro Ping Test on Cisco Routers and SwitchesTCLSH and Macro Ping Test on Cisco Routers and Switches
TCLSH and Macro Ping Test on Cisco Routers and SwitchesNetProtocol Xpert
 
MTU (maximum transmission unit) & MRU (maximum receive unit)
MTU (maximum transmission unit) & MRU (maximum receive unit)MTU (maximum transmission unit) & MRU (maximum receive unit)
MTU (maximum transmission unit) & MRU (maximum receive unit)NetProtocol Xpert
 
OTV(Overlay Transport Virtualization)
OTV(Overlay Transport Virtualization)OTV(Overlay Transport Virtualization)
OTV(Overlay Transport Virtualization)NetProtocol Xpert
 

Mais de NetProtocol Xpert (20)

Basic Cisco ASA 5506-x Configuration (Firepower)
Basic Cisco ASA 5506-x Configuration (Firepower)Basic Cisco ASA 5506-x Configuration (Firepower)
Basic Cisco ASA 5506-x Configuration (Firepower)
 
MPLS Layer 3 VPN
MPLS Layer 3 VPN MPLS Layer 3 VPN
MPLS Layer 3 VPN
 
Storm-Control
Storm-ControlStorm-Control
Storm-Control
 
Dynamic ARP Inspection (DAI)
Dynamic ARP Inspection (DAI)Dynamic ARP Inspection (DAI)
Dynamic ARP Inspection (DAI)
 
IP Source Guard
IP Source Guard IP Source Guard
IP Source Guard
 
DHCP Snooping
DHCP SnoopingDHCP Snooping
DHCP Snooping
 
Password Recovery
Password RecoveryPassword Recovery
Password Recovery
 
Application & Data Center
Application & Data CenterApplication & Data Center
Application & Data Center
 
Cisco ISR 4351 Router
Cisco ISR 4351 RouterCisco ISR 4351 Router
Cisco ISR 4351 Router
 
Cisco ASR 1001-X Router
Cisco ASR 1001-X RouterCisco ASR 1001-X Router
Cisco ASR 1001-X Router
 
Securing management, control & data plane
Securing management, control & data planeSecuring management, control & data plane
Securing management, control & data plane
 
Point to-point protocol (ppp), PAP & CHAP
Point to-point protocol (ppp), PAP & CHAPPoint to-point protocol (ppp), PAP & CHAP
Point to-point protocol (ppp), PAP & CHAP
 
Avoid DNS lookup when mistyping a command
Avoid DNS lookup when mistyping a commandAvoid DNS lookup when mistyping a command
Avoid DNS lookup when mistyping a command
 
TCLSH and Macro Ping Test on Cisco Routers and Switches
TCLSH and Macro Ping Test on Cisco Routers and SwitchesTCLSH and Macro Ping Test on Cisco Routers and Switches
TCLSH and Macro Ping Test on Cisco Routers and Switches
 
Private VLANs
Private VLANsPrivate VLANs
Private VLANs
 
MTU (maximum transmission unit) & MRU (maximum receive unit)
MTU (maximum transmission unit) & MRU (maximum receive unit)MTU (maximum transmission unit) & MRU (maximum receive unit)
MTU (maximum transmission unit) & MRU (maximum receive unit)
 
OTV Configuration
OTV ConfigurationOTV Configuration
OTV Configuration
 
Cisco OTV 
Cisco OTV Cisco OTV 
Cisco OTV 
 
OTV(Overlay Transport Virtualization)
OTV(Overlay Transport Virtualization)OTV(Overlay Transport Virtualization)
OTV(Overlay Transport Virtualization)
 
Regular expression examples
Regular expression examplesRegular expression examples
Regular expression examples
 

Último

Introduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptxIntroduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptxk795866
 
Correctly Loading Incremental Data at Scale
Correctly Loading Incremental Data at ScaleCorrectly Loading Incremental Data at Scale
Correctly Loading Incremental Data at ScaleAlluxio, Inc.
 
Solving The Right Triangles PowerPoint 2.ppt
Solving The Right Triangles PowerPoint 2.pptSolving The Right Triangles PowerPoint 2.ppt
Solving The Right Triangles PowerPoint 2.pptJasonTagapanGulla
 
IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024Mark Billinghurst
 
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort serviceGurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort servicejennyeacort
 
Vishratwadi & Ghorpadi Bridge Tender documents
Vishratwadi & Ghorpadi Bridge Tender documentsVishratwadi & Ghorpadi Bridge Tender documents
Vishratwadi & Ghorpadi Bridge Tender documentsSachinPawar510423
 
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfCCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfAsst.prof M.Gokilavani
 
Arduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.pptArduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.pptSAURABHKUMAR892774
 
Introduction to Machine Learning Unit-3 for II MECH
Introduction to Machine Learning Unit-3 for II MECHIntroduction to Machine Learning Unit-3 for II MECH
Introduction to Machine Learning Unit-3 for II MECHC Sai Kiran
 
Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...VICTOR MAESTRE RAMIREZ
 
Past, Present and Future of Generative AI
Past, Present and Future of Generative AIPast, Present and Future of Generative AI
Past, Present and Future of Generative AIabhishek36461
 
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)Dr SOUNDIRARAJ N
 
Transport layer issues and challenges - Guide
Transport layer issues and challenges - GuideTransport layer issues and challenges - Guide
Transport layer issues and challenges - GuideGOPINATHS437943
 
CCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdf
CCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdfCCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdf
CCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdfAsst.prof M.Gokilavani
 
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfg
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfgUnit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfg
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfgsaravananr517913
 
welding defects observed during the welding
welding defects observed during the weldingwelding defects observed during the welding
welding defects observed during the weldingMuhammadUzairLiaqat
 

Último (20)

Introduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptxIntroduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptx
 
Correctly Loading Incremental Data at Scale
Correctly Loading Incremental Data at ScaleCorrectly Loading Incremental Data at Scale
Correctly Loading Incremental Data at Scale
 
young call girls in Green Park🔝 9953056974 🔝 escort Service
young call girls in Green Park🔝 9953056974 🔝 escort Serviceyoung call girls in Green Park🔝 9953056974 🔝 escort Service
young call girls in Green Park🔝 9953056974 🔝 escort Service
 
Solving The Right Triangles PowerPoint 2.ppt
Solving The Right Triangles PowerPoint 2.pptSolving The Right Triangles PowerPoint 2.ppt
Solving The Right Triangles PowerPoint 2.ppt
 
IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024
 
young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
 
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort serviceGurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
 
Vishratwadi & Ghorpadi Bridge Tender documents
Vishratwadi & Ghorpadi Bridge Tender documentsVishratwadi & Ghorpadi Bridge Tender documents
Vishratwadi & Ghorpadi Bridge Tender documents
 
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfCCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
 
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptxExploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
 
Arduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.pptArduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.ppt
 
Introduction to Machine Learning Unit-3 for II MECH
Introduction to Machine Learning Unit-3 for II MECHIntroduction to Machine Learning Unit-3 for II MECH
Introduction to Machine Learning Unit-3 for II MECH
 
Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...
 
Past, Present and Future of Generative AI
Past, Present and Future of Generative AIPast, Present and Future of Generative AI
Past, Present and Future of Generative AI
 
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
 
Transport layer issues and challenges - Guide
Transport layer issues and challenges - GuideTransport layer issues and challenges - Guide
Transport layer issues and challenges - Guide
 
CCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdf
CCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdfCCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdf
CCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdf
 
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfg
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfgUnit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfg
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfg
 
welding defects observed during the welding
welding defects observed during the weldingwelding defects observed during the welding
welding defects observed during the welding
 
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
 

Port Security

  • 2.  By default, all interfaces on a Cisco switch are turned on.  That means that an attacker could connect to your network through a wall socket and potentially threaten your network.  If you know which devices will be connected to which ports, you can use the Cisco security feature called port security.  By using port security, a network administrator can associate specific MAC addresses with the interface, which can prevent an attacker to connect his device.  This way you can restrict access to an interface so that only the authorized devices can use it. If an unauthorized device is connected, you can decide what action the switch will take, for example discarding the traffic and shutting down the port.
  • 3.  To configure port security, three steps are required: 1. Define the interface as an access interface by using the switchport mode access interface subcommand 2. Enable port security by using the switchport port- security interface subcommand 3. Define which MAC addresses are allowed to send frames through this interface by using the switchport port-security mac-address MAC_ADDRESS interface subcommand or using the swichport port-security mac-address sticky interface subcommand to dynamically learn the MAC address of the currently connected host
  • 4.  Two steps are optional: 1. Define what action the switch will take when receiving a frame from an unauthorized device by using the port security violation {protect | restrict | shutdown} interface subcommand. All three options discards the traffic from the unauthorized device. The restrict and shutdown options send a log messages when a violation occurs. Shut down mode also shuts down the port. 2. Define the maximum number of MAC addresses that can be used on the port by using the switchport port-security maximum NUMBER interface submode command
  • 5.  The following example shows the configuration of port security on a Cisco switch:
  • 6.  First, we need to enable port security and define which MAC addresses are allowed to send frames:
  • 7.  Next, by using the show port-security interface fa0/1 we can see that the switch has learned the MAC address of host A:
  • 8.  By default, the maximum number of allowed MAC addresses are one, so if we connect another host to the same port, the security violation will occur:  Status code of „err-disabled“ means that the security violation occurred on the port.  NOTE - to enable the port, we need to use the shutdown and no shutdown interface subcommands