This dialog box allows the user to configure Port Security features specific to an interface.
The following guidelines should be followed for configuring the Port Security feature on an interface.
The following information appears:
The following list specifies buttons in this dialog box, as well as their function:
Click OK to continue.
Click Apply to save the changes in the dialog box.
Click Cancel to close the dialog box.
Click Refresh to update the contents of the dialog box.
Click Print to print the contents of the dialog box.
Click Help to access online help.
Port Security Enable (cpsIfPortSecurityEnable)
Indicates whether the port security feature is enabled on an interface. The source MAC address that does not match any cpsSecureMacAddress for the given interface in the cpsSecureMacAddressTable when the value of cpsIfCurrentSecureMacAddrCount is equal to cpsIfMaxSecureMacAddr and the value of this object is "true", is considered port security violation and an action specified by cpsIfViolationAction is taken on the interface. The value of this object has no effect when the value of cpsGlobalPortSecurityEnable is "false".
Port Security Status (cpsIfPortSecurityStatus)
Operational status of the port security feature on an interface.
Maximum MAC Addresses (cpsIfMaxSecureMacAddr)
Maximum number (N) of MAC addresses to be secured on the interface. The first N MAC addresses learned or configured are made secure. Changing this object value from N to M is not allowed if M is smaller than N, and M is less than the value of cpsIfCurrentSecureMacAddrCount on the interface. One way to change the number in this case is by deleting a sufficient number of secure mac addresses configured or learned on the device. The sum of this object value for all the interfaces is less than or equal to cpsGlobalMaxSecureAddress.
Total MAC Addresses (cpsIfCurrentSecureMacAddrCount)
Current number of MAC addresses secured on this interface.
Aging Time (cpsIfSecureMacAddrAgingTime)
Interval in which the interface is secured. After the time interval expires, the corresponding cpsSecureMacAddressEntry from the cpsSecureMacAddressTable is removed. If the value of this object is "0", the aging mechanism is disabled.
Aging Type (cpsIfSecureMacAddrAgingType)
Determines the way the secure MAC addresses are aged out.
Secure Static Address Aging (cpsIfStaticMacAddrAgingEnable)
Indicates whether the secure MAC address aging mechanism is enabled on static MAC address entries in the cpsSecureMacAddressTable. Setting this object value to "false" will cause the static MAC addresses to remain in the cpsSecureMacAddressTable regardless of the aging time and type configured on the interface.
Violation Mode (cpsIfViolationAction)
Determines the action that the device will take if the traffic matches the port security violation.
Violation Count (cpsIfViolationCount)
Indicates the number of violations that have occurred on a secure interface. The counter will be initialized to zero when the port security feature is enabled on an interface. This MIB object is only instantiated if the device can provide violation statistics on the interface.
Last Source Address (cpsIfSecureLastMacAddress)
Indicates the last secure MAC address that was learned or configured on this interface.
When this feature is enabled (the value of this object is set to true) on an interface, learned MAC addresses are secured permanently on that interface.
To remove these MAC addresses from the interface, you have to manually delete the addresses or disable the sticky feature.