In this lesson, you will learn how to configure port security to restrict the number of MAC addresses per port, specify which MAC addresses are allowed, and control what happens when violations occur. To understand port security, you should be familiar with how switches learn MAC. If you try to set the maximum value to a number less than the number of secure addresses already configured on an interface, the command is rejected. The maximum number of secure MAC addresses that you can configure on a switch is set by the maximum number of available MAC addresses allowed in the. In MAC-flooding, an attacker can connect a laptop into an empty Switch port or empty RJ45 wall socket, and he can use hacking tools to generate millions of Ethernet frames with fake source MAC addresses and send them to the switch interface. If you use this feature, the switch will allow only the authorized device to access the port. Create a practice lab on Packet Tracer. What is Port-Security? On Cisco Catalyst switches, port security is a per-interface feature that enforces a limit and a list of allowed MAC addresses. If a device connects and its MAC is allowed, all good.
[PDF Version]