Port security helps secure a network by stopping unknown devices from forwarding packets. It lets a user limit the number of MAC addresses on a given port: packets with matching MAC addresses are forwarded, and all other packets are restricted. Port security can be used on a per-port basis. It uses two traffic-filtering methods, dynamic locking and static locking, which can be used simultaneously. Dynamic locking allows a user to specify the maximum number of MAC addresses that can be learned on a port. Static locking enables a user to manually generate a list of static addresses for a port. Dynamically learned addresses can be converted to statically locked addresses. Port security adds a layer of security in a LAN and safeguards the switch port. It is often forgotten because it is disabled by default. The command switchport port-security enables it.
An example of how port security can help prevent problems: someone walks into Bellevue University and attempts to connect to the network. Turning on port security protects against unauthorized network access like this. Additional benefits of using port security at Bellevue University would be increased network reliability and availability, by reducing outages caused by broadcast storms and limiting a network to one MAC address. DHCP availability and future-proofing are other areas that benefit from port security. Configuring port security is fairly simple, especially in its simplest form, which only requires going to an already enabled switch port and entering commands.
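As an added example (not from the original essay or from Cisco), the Python sketch below checks a switch configuration for the situation described above: access ports where port security was never turned on because it is disabled by default. The configuration text is constructed sample data, the interface and function names are assumptions, and the sub-commands maximum and mac-address sticky are standard Cisco IOS port-security options that the essay does not name.

```python
import re

# Constructed interface configuration (sample data, not from a real switch).
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 switchport mode access
!
interface GigabitEthernet0/2
 switchport mode access
 switchport port-security
 switchport port-security maximum 1
 switchport port-security mac-address sticky
!
interface GigabitEthernet0/3
 switchport mode access
 switchport port-security maximum 2
!
interface GigabitEthernet0/24
 switchport mode trunk
!
"""

def parse_interfaces(config):
    """Return {interface name: [stripped config lines under it]}."""
    blocks, current = {}, None
    for line in config.splitlines():
        m = re.match(r"interface (\S+)", line)
        if m:
            current = blocks.setdefault(m.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!" or a global command ends the block
    return blocks

def audit_port_security(config):
    """Return sorted access ports where port security is not enabled."""
    findings = []
    for name, lines in parse_interfaces(config).items():
        if "switchport mode access" not in lines:
            continue  # trunk ports are out of scope for this check
        # Only the bare command enables the feature; a sub-option such as
        # "maximum" on its own leaves port security off.
        if "switchport port-security" not in lines:
            findings.append(name)
    return sorted(findings)

if __name__ == "__main__":
    for port in audit_port_security(SAMPLE_CONFIG):
        print(f"{port}: access port without port security")
```

GigabitEthernet0/3 is flagged even though it carries a maximum setting, because the limit is not enforced until the bare switchport port-security command is present on the port.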
Irfan, Yasir. “Introduction to Cisco port security and the reasons to implement.” IT Knowledge Exchange. www.Itknowledgeexchange.techtarget.com. Web. 17 Jun 2008. Accessed 24 May 2017.