11-3. Port Security

  • Port security enables you to configure a port to only allow a given device or devices access to the switch port.

  • Port security defines the allowed devices by MAC address.

  • MAC addresses for allowed devices can be manually configured and/or “learned” by the switch.

  • There are limits to how many MAC addresses can be secured on a port. These numbers vary between platforms.

  • When an unauthorized MAC attempts to access the port, the switch can suspend or disable the port.

  • Port security cannot be configured on a trunk port, a Switched Port Analyzer (SPAN) port, or a port that is dynamically assigned to a VLAN.

  • Port security is supported on the 5000, 4000, and 6000 switches running COS. It is supported on the 3500XL, 3550, and 2950 switches ...

Get Cisco® Field Manual: Catalyst® Switch Configuration now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.