|
Xavfsizlik buzilishiga javob berish (реагирование) rejimini sozlash
| | bet | 3/4 | | Sana | 27.05.2024 | | Hajmi | 121,59 Kb. | | #254696 |
Bog'liq 2-amaliy ish uXavfsizlik buzilishiga javob berish (реагирование) rejimini sozlash
Xavfsizlik buzilishiga javob berish ning uchta usuli mavjud:
switch(config-if)# switchport port-security violation
| restrict | shutdown>
switchport port-security violation restrict – buzilishga javob berish rjimini ko`rsatish. Bunda, agar interfeysda uchinchi notanish MAC-manzil paydo bo`lsa, undan keluvchi barcha paketlar qabul qilinmaydi. Undan tashqari syslog, SNMP trap, violetion counter ka`bi jurnallashtiruvchilarga xabar jo`natiladi.
switchport port-security violation shutdown- buzilish aniqlanganda interfeysni error-disabled holatiga o`tkazadi va o`chiradi. Undan tashqari syslog, SNMP trap, violetion counter ka`bi jurnallashtiruvchilarga xabar jo`natiladi. Ushbu holatdan chiqarish uchun shutdown va no shutdown buyruqlaridan foydalaniladi.
Agar interfeysga switchport port-security violation protect buyrug`i kiritilgan bo`lsa, unda notanish MAC-manzil paketlari qabul qilinmaydi va xech qanday xabar yaratilmaydi, hamda port shutdown holatiga o`tmaydi.
Ushbu usullardan switchport port-security violation restrict ko`pchilik hollarda tavsiya etiladi.
MAC-manzillar jadvalini tozalash
Boshqa qurilmalar ulanishi uchun MAC-manzillar jadvalini tozalash:
switch# clear port-security [all|configured|dynamic|sticky] [address
|interface ] switch #clear port-security all
switch #clear port-security configured switch #clear port-security dynamic switch #clear port-security sticky
Port-security sozlanishlari haqidagi ma’lumotlarni ko`rish
switch# show port-security
switch# show port-security interface fa0/3 switch# show port-security address
|
| |
