(Configuring Cisco Switch Port Security Summary: "Cisco Networking Academy Tutorial CCNA Exploration: LAN Switching and Wireless" is a supporting written teaching material for the 4th edition of the CCNA Exploration course of Cisco Network Technology Academy. Chapter 2 describes the basic concepts and configuration of switches. This section covers configuring port security. A switch that does not provide port security allows an attacker to connect a system to an unused, enabled port and perform information gathering or attacks. A switch can be configured to act like a hub, which means that every system connected to the switch can potentially see all network traffic flowing through the switch to all systems connected to it. An attacker can therefore collect traffic containing valid usernames, passwords, or system configuration information on the network. All switch ports or interfaces should be secured before the switch is deployed. Port security limits the number of valid MAC addresses permitted on a port. If secure MAC addresses are assigned to a secure port, the port does not forward packets whose source address is not in the defined group of addresses. If the number of secure MAC addresses is limited to one, and only one secure MAC address is assigned to the port, the workstation connected to the port is guaranteed the full bandwidth of the port, and only the workstation with that particular secure MAC address can connect successfully to the switch port. If the port is configured as a secure port and the number of secure MAC addresses
Configuring Cisco Switch Port Security.pdf)
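
The single-address case described in the summary, written out as Cisco IOS configuration. This is an added example, not taken from the referenced PDF; the interface names and the MAC address are constructed placeholders.

```ios
! Constructed example: interface names and the MAC address are placeholders.
!
! Unused ports: disable them so nothing can attach to an enabled, unused port.
interface range FastEthernet0/19 - 24
 shutdown
!
! User-facing port: allow exactly one statically assigned secure MAC address.
! Port security requires the port to be a static access port first.
interface FastEthernet0/18
 switchport mode access
 switchport port-security
 switchport port-security maximum 1
 switchport port-security mac-address 0000.1111.2222
!
! Check the result from privileged EXEC mode:
!   show port-security interface FastEthernet0/18
!   show port-security address
```

With this in place, frames arriving on FastEthernet0/18 with any source address other than the assigned one are not forwarded.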