From the course: Cisco CCNP SCOR Security (350-701) Cert Prep: 1 Security Concepts and Network Security

Unlock this course with a free trial

Join today to access over 22,500 courses taught by industry experts.

Port security

Port security

From the course: Cisco CCNP SCOR Security (350-701) Cert Prep: 1 Security Concepts and Network Security

Start my 1-month free trial Buy for my team

Port security

- [Presenter] Another layer to security method that we need to know how to configure is port security. It's a great feature and it's really simple to implement. Port security can be used to configure the maximum number of Mac addresses allowed on imports. We can do this through a static configuration or the port can dynamically learn the Mac address that's attached to it. Port security is one way to mitigate things such as CAM table overflow attacks. If a device with a mismatched Mac address is connected to an interface with port security enabled, then a port violation will occur and the port enters the error disabled state. There are three different security violation modes that can be configured which are shut down, restrict and protect. The default port security action is shut down. A port is disabled and an SNMP trap message and assist log message are generated. Restrict, drops the frame and also generates an SNMP trap and CIS log message and protect simply drops the frame with no…

Contents