Definition – Port Security
Port security is a feature in network switches that allows administrators to restrict the number of MAC addresses allowed on a specific port. It enhances network security by preventing unauthorized devices from connecting to the network and by limiting the impact of certain types of attacks, such as MAC flooding attacks.
With port security enabled, a switch keeps a list of allowed MAC addresses for each port. When a device attempts to connect to the network through a secured port, the switch checks the device’s MAC address against the list. If the MAC address is on the list, the switch allows the connection. If the MAC address is not on the list or if the list is full, the switch can take various actions, such as blocking the port or sending an alert to the network administrator.
Port security can also be configured to dynamically learn and add MAC addresses to the list, allowing for flexibility in environments where devices may change frequently. Additionally, administrators can set violation modes to specify how the switch should handle violations, such as shutting down the port or limiting the number of learned MAC addresses.

Detailed explanation of how port security works
- MAC Address Filtering: Port security primarily relies on MAC (Media Access Control) addresses, which are unique identifiers assigned to network interface controllers (NICs) of devices. Switches maintain a MAC address table that maps MAC addresses to the physical ports on the switch.
- Configuring Port Security: Port security is configured on a per-port basis. Network administrators can specify various parameters for each port, including the maximum number of allowed MAC addresses, the action to take when the limit is exceeded, and the specific MAC addresses allowed to access the port.
- MAC Address Limit: Administrators can set a limit on the number of MAC addresses allowed to access a port. If the limit is exceeded, the switch can take predefined actions, such as shutting down the port, sending an alert, or forwarding traffic to a specific port.
- Allowed MAC Addresses: In addition to limiting the number of MAC addresses, administrators can also specify which MAC addresses are allowed to connect to a port. This whitelist approach ensures that only authorized devices can access the network through that port.
- Dynamic Address Learning: Switches can dynamically learn MAC addresses by monitoring the source MAC addresses of incoming frames. When a device connects to a port, the switch records its MAC address in its MAC address table. This feature allows for automatic updating of the list of allowed MAC addresses.
- Violation Actions: When a violation occurs (e.g., the maximum number of allowed MAC addresses is exceeded, or an unauthorized MAC address attempts to access the port), the switch can take predefined actions. These actions may include shutting down the port, sending a notification to the network administrator, or forwarding traffic to a specific port.
- Security Logging: Port security events can be logged for auditing and troubleshooting purposes. This logging provides visibility into unauthorized access attempts and helps administrators identify security threats.
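
The decision process in the list above, as an added example that is not part of the original article: a small Python model of one secured port. The class, field and action names ("shutdown", "alert") are assumptions for illustration, not any switch vendor's API, and the sample MAC addresses are constructed.

```python
# Added illustration: a toy model of the per-port checks described above.
# Class, field and action names are assumptions, not any vendor's API.
from dataclasses import dataclass, field


@dataclass
class SecurePort:
    name: str
    max_macs: int = 1                # MAC address limit for this port
    violation: str = "shutdown"      # "shutdown", or "alert" (drop frame, port stays up)
    allowed: set = field(default_factory=set)   # statically allowed MACs (lowercase)
    learn: bool = True               # dynamic address learning on/off
    learned: set = field(default_factory=set)   # MACs learned from traffic
    up: bool = True
    log: list = field(default_factory=list)     # security log entries

    def receive(self, src_mac: str) -> str:
        """Apply the port-security decision to one frame's source MAC."""
        mac = src_mac.lower()
        if not self.up:
            return "dropped (port down)"
        if mac in self.allowed or mac in self.learned:
            return "forwarded"
        # Unknown source: learn it only if learning is on and the list has room.
        if self.learn and len(self.allowed | self.learned) < self.max_macs:
            self.learned.add(mac)
            self.log.append(f"{self.name}: learned {mac}")
            return "forwarded"
        # Violation: unauthorized MAC, or the list is already full.
        self.log.append(f"{self.name}: violation by {mac} ({self.violation})")
        if self.violation == "shutdown":
            self.up = False
            return "dropped (port shut down)"
        return "dropped (alert sent)"


def demo():
    # Constructed traffic: two legitimate hosts, then a burst of new source
    # MACs, which is what the switch sees during a MAC flooding attempt.
    port = SecurePort("port1", max_macs=2, violation="alert")
    frames = ["00:11:22:33:44:55", "00:11:22:33:44:66"]
    frames += [f"02:00:00:00:00:{i:02x}" for i in range(5)]
    results = [port.receive(m) for m in frames]
    return port, results


if __name__ == "__main__":
    port, results = demo()
    print(*results, *port.log, sep="\n")
```

With the "alert" action the two learned hosts keep forwarding while every additional source MAC is dropped and logged; with "shutdown" the first violation takes the port down for all traffic until an administrator re-enables it.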

Summary
Port security is a feature in network switches that enhances security by limiting the number of MAC addresses allowed on a port. When enabled, the switch maintains a list of approved MAC addresses for each port. When a device attempts to connect, the switch compares its MAC address to the list. If the address is approved, the connection is allowed; otherwise, the switch can block the port or alert the administrator.
Port security helps prevent unauthorized devices from accessing the network and protects against certain types of attacks, like MAC flooding. It can also be configured to dynamically add MAC addresses to the approved list as devices connect, allowing for flexibility in changing environments. Administrators can set violation actions, such as shutting down the port or limiting the number of MAC addresses, to further enhance security.
