Re: Edge-ports

Magnus Tengmo · ‎05-12-2008

Hi!

What security featurus should be applied on edge-ports ? We are using 2626,2810 and 2900.

loop-protection seems very good
dhcp-snooping working good? (only on 2626/2900)
arp protection ?

Best Regards, Magnus

cenk sasmaztin · ‎05-12-2008

hi magnus
can you say edge port for switch connection or client connection?

cenk

Magnus Tengmo · ‎05-12-2008

For client-connection (workstations).

Best Regards, Magnus

cenk sasmaztin · ‎05-12-2008

hi magnus

many security options for client connection on procurve

1-)802.1x authentication with radius method
for port security perfect solution windows active directory and ias servis and radius server with procurve switch solition ;only autorazise in your domain users connect switch port

for example:
(config)#radius-server host 100.100.100.80 key xxxxxx
(config)#aaa authentication port-access eap-radius
(config)aaa accounting network start-stop radius
(config)aaa port-access authenticator 1-20
(config)aaa port-access authenticator active

other config microsoft domain control ,active directory and ias service
--------------------------------------------
2-)port security
port security ;classic port security operation each port auto learn client mac address and only this mac or macs (maximum 32 mac address)enable connection can unautoraize mac address connection port disable or send alarm alternative.

(config)#port-security learn mode static address limit 1 action send-disable
-------------------------------------------
3-)dhcp snooping
only autoraize dhcp server broadcast dhcp message other dhcp broadcast no flood in switch

(config)#dhcp snooping
(config)#dhcp-snooping no option 82(so dhcp server and client same subnet)
(config)dhcp-snooping trus 10,26(interface 10 for dhcp server connection interface 26 for uplink other switch)all other port untrust port
--------------------------------------------

good luck

cenk

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: Edge-ports

Edge-ports

Re: Edge-ports

Re: Edge-ports

Re: Edge-ports