HP procurve 5300xl Series Access Security Manual page 247
Hide thumbs
Also See for procurve 5300xl Series:
- Management manual (664 pages) ,
- Specification sheet (12 pages) ,
- Management and configuration manual (508 pages)
Table of Contents
Advertisement
There is no need to lock MAC addresses
on switches in the Internal Core Network
Internal Core
Network
Network Edge
Figure 9-9. MAC Lockdown Deployed At the Network Edge Provides Security
5300
Switch
5300
Switch
Switch 1
M i x e d U s e r s
Basic MAC Lockdown Deployment. In the Model Network Topology shown
in Figure 7-9, the switches that are connected to the edge of the network each
have one and only one connection to the core network. This means each
switch has only one path by which data can travel to Server A. You can use
MAC Lockdown to specify that all traffic intended for Server A's MAC Address
must go through the one port on the edge switches. That way, users on the
edge can still use other network resources, but they cannot "spoof" Server A
and hijack data traffic which is intended for that server alone.
Configuring and Monitoring Port Security
5300
Switch
5300
Switch
Switch 2
MAC Lockdown
Server A
Lock Server A
to these ports
Edge Devices
9-23
Advertisement
Table of Contents
