Switch Port Security

switch port security

Port Security is the security mechanism used in switches. With Port Security mechanism, a specific port of a switch can be protected with undesirable access.

The MAC address numbers connected to port or the specific MAC addresses can be configured on a swithport with Port Security. By doing this configuration, desired numbered of devices can connect to the switch over one port. And also a specific MAC addressed device can be allowed to access this port.

The number of desired device number is mentioned. After that the MAC address of this devices configured either statically or dynamically (sticky). If a manual MAC address is configured, then a device with this MAC address is waited and allowed to access. If there is no manual configuration, then dynamic (sticky) MAC adress learning is configured. And the first connected devices’s MAC address are registered up to the configured max accepted device value.

You can see the below shape as a little referance for Port Security. In this topology in switch maximum 2 allowed MAC is configured.And the allowed MAC adresses are mentined statically. So, the Host A and Host C is allowed, but Host be is not allowed for this port.

switch port security

Switch Port Security

On Cisco Catalyst Switches to enable this security functionality :

Switch(config)# interface fastEthernet 0/1
Switch(config-if)# switchport port-security

Maximum Number of MAC addresses allowed on the port :

Switch(config-if)# switchport port-security maximum 10

Statically configuration of allowed MAC addresses on the port :

Switch(config-if)# switchport port-security mac-address AAAA.BBBB.CCCC

This can be done for a VLAN also…

Switch(config-if)# switchport port-security mac-address AAAA.BBBB.CCCC vlan 10

Lesson tags: Port Security, Switch security
Back to: CCIE Enterprise Infrastructure > Switch Security

Leave a Reply

Your email address will not be published. Required fields are marked *


  • info@ipcisco.com
IPCisco is the Winner! “Best Certification Study Journey of 2019!”


CCIE Enterprise Infrastructure