switch(config-if-range)#)# switchport port-security { Interfeysda port securityni
ishga tushurish }
Xavfsiz MAC-manzillarning maksimal soni
switchport port-security maximum N
– bu bir vaqtda N sonli MAC-manzillar
interfeysda ishlashini anglatadi.
Masalan:
switch(config-if-range)# switchport port-security maximum 1
Xavfsiz MAC-manzillarni sozlash
Manzillarni dinamik saqlash (
sticky
) buyrug`i orqali ishga tushurish:
switch(config-if-range)# switchport port-security mac-address sticky
Agar manzillarni statik tarzda kiritish kerak bo`lsa
sticky
buyrug`i o`rniga
manzillar yoziladi:
switch (config-if) # switchport port-security mac- address 0050.3e8d.6400
Xavfsizlik buzilishiga javob berish (реагирование) rejimini sozlash
Xavfsizlik buzilishiga javob berish ning uchta usuli mavjud:
switch(config-if)# switchport port-security violation
switchport port-security violation restrict
– buzilishga javob berish rejimini
ko`rsatish. Bunda, agar interfeysda uchinchi notanish MAC-manzil paydo bo`lsa,
undan keluvchi barcha paketlar qabul qilinmaydi. Undan tashqari syslog, SNMP
trap, violetion counter ka`bi jurnallashtiruvchilarga xabar jo`natiladi.
