Access Security Guide K/KA/KB.15.15
Specifies whether an SNMP trap is sent to a network management station when
Learn Mode is set to static and the port detects an unauthorized device, or when
Learn Mode is set to continuous and there is an address change on a port.
none
Prevents an SNMP trap from being sent. none is the default value.
send-alarm
Sends an intrusion alarm. Causes the switch to send an SNMP trap to a network
management station.
send-disable
Sends alarm and disables the port. Available only in the static, port-access,
configured, or limited learn modes. Causes the switch to send an SNMP
trap to a network management station and disable the port. If you subsequently
re-enable the port without clearing the port's intrusion flag, the port blocks further
intruders, but the switch will not disable the port again until you reset the intrusion
flag. See the Note on (page 409).
For information on configuring the switch for SNMP management, see the
Management and Configuration Guide for your switch.
clear-intrusion-flag
Clears the intrusion flag for a specific port, see “Reading intrusion alerts and resetting
alert flags” (page 408).
no port-security port-list mac-address < mac-addr > mac-addr
mac-addr
Removes any specified learned MAC addresses from the specified port.
Eavesdrop Prevention is Disabled
Syntax
[no]port-security <port-list> eavesdrop-prevention
When this option is enabled, the port is prevented from transmitting packets that
have unknown destination addresses. Only devices attached to the port receive
packets intended for them. This option does not apply to a learning mode of
port-access or continuous. Default: Enabled
Figure 257 Show port-security Command Displaying Eavesdrop Prevention
MIB Support
The following MIB support is provided for Eavesdrop Prevention.
hpSecPtPreventEavesdrop OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2)
360 Port Security