From the course: Cisco CCNP SCOR Security (350-701) Cert Prep: 1 Security Concepts and Network Security
Port security
- [Presenter] Another layer 2 security method that we need to know how to configure is port security. It's a great feature and it's really simple to implement. Port security can be used to configure the maximum number of MAC addresses allowed on a port. We can do this through a static configuration, or the port can dynamically learn the MAC address that's attached to it. Port security is one way to mitigate things such as CAM table overflow attacks. If a device with a mismatched MAC address is connected to an interface with port security enabled, then a port violation will occur and the port enters the error-disabled state. There are three different security violation modes that can be configured, which are shutdown, restrict, and protect. The default port security action is shutdown. The port is disabled and an SNMP trap message and a syslog message are generated. Restrict drops the frame and also generates an SNMP trap and syslog message, and protect simply drops the frame with no…
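
The static and dynamic options and the three violation modes from the transcript, written out as a Cisco IOS configuration. This is an example added here, not material from the course; the interface names, descriptions and the MAC address are constructed placeholders.

```cisco
! Constructed example: interfaces and the MAC address are placeholders.
! Port security requires a static access or trunk port, so the mode is set explicitly.
!
interface GigabitEthernet0/1
 description Single host, statically configured MAC address
 switchport mode access
 switchport port-security
 switchport port-security maximum 1
 switchport port-security mac-address 0011.2233.4455
 ! Default action, written out for clarity: the port goes err-disabled,
 ! and an SNMP trap and a syslog message are generated.
 switchport port-security violation shutdown
!
interface GigabitEthernet0/2
 description Two devices, MAC addresses learned dynamically
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 ! Offending frames are dropped and the port stays up;
 ! an SNMP trap and a syslog message are still generated.
 switchport port-security violation restrict
!
interface GigabitEthernet0/3
 description Single host, MAC address learned dynamically
 switchport mode access
 switchport port-security
 switchport port-security maximum 1
 ! Offending frames are dropped.
 switchport port-security violation protect
!
! Optional: recover automatically from a port-security err-disable
! instead of a manual shutdown / no shutdown on the interface.
errdisable recovery cause psecure-violation
errdisable recovery interval 300
!
! Verification (privileged EXEC):
!   show port-security
!   show port-security interface GigabitEthernet0/1
!   show port-security address
!   show interfaces status err-disabled
```

Capping the number of MAC addresses on each access port is what limits how many CAM table entries a single port can consume, which is the overflow mitigation the presenter refers to.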
Contents
- IPS and firewall solutions (4m 36s)
- Deployment models and architectures (8m 21s)
- Device hardening (5m 9s)
- Device management security (5m 59s)
- NetFlow (7m 15s)
- SNMPv3 (16m 14s)
- Role-based CLI access (7m 57s)
- NTP with authentication (5m 32s)
- VLANs (13m 6s)
- VRF-lite (22m 5s)
- Port security (5m 40s)
- DHCP snooping (8m 4s)
- Dynamic ARP inspection (4m 6s)
- Storm control (7m 5s)
- PVLANs (8m 55s)
- TACACS+ and RADIUS (12m 33s)
- Downloadable ACL (dACL) (5m 8s)