The purpose of port security is to prevent unauthorized access to the network by limiting the number of MAC addresses that can be learned on a switch port. Sticky MAC is a port security feature that dynamically learns MAC addresses on an interface and retains the MAC information in case the Mobility Access Switch reboots.Port security is a feature in network switches that limits the number of devices that can connect to a switch port. Sticky MAC is an alternative to the tedious and manual configuration of static MAC addresses on a port or to allow the port to continuously learn new MAC addresses after interface-down events.
Sticky MAC prevents traffic losses for trusted workstations and servers because the interface does not have to relearn the addresses from ingress traffic after a restart.Įnable Sticky MAC in conjunction with MAC limit to restrict the number of MAC addresses learning.Īllowing the port to continuously learn MAC addresses is a security risk. Sticky MAC with MAC limit prevents Layer 2 denial of service (DoS) attacks, overflow attacks on the Ethernet switching table, and DHCP starvation attacks by limiting the MAC addresses allowed while still allowing the interface to dynamically learn a specified number of MAC addresses. The interface is secured because after the limit has been reached, additional devices cannot connect to the port.īy enabling Sticky MAC learning along with MAC limiting, interfaces can be allowed to learn MAC addresses of trusted workstations and servers during the period from when the interface are connected to the network until the limit for MAC addresses is reached. This ensures that after this initial period with the limit reached, new devices will not be allowed even if the Mobility Access Switch restarts.Sticky MAC is not supported on untrusted interfaces.Sticky MAC is not supported on HSL interfaces.No global configuration to enable or disable Sticky MAC address learning.The Sticky MAC feature will be enabled at interface level as part of port-security profile.
0 kommentar(er)
