Configuring and Monitoring Port Security
Operating Notes for Port Security
From the Menu Interface: In the Main Menu, click on 4. Event Log and use
N
ext page and Prev page to review the Event Log contents.
For More Event Log Information. See “Using the Event Log To Identify
Problem Sources” in the "Troubleshooting" chapter of the Management and
Configuration Guide for your switch.
Web: Checking for Intrusions, Listing Intrusion Alerts, and
Resetting Alert Flags
1. Check the Alert Log by clicking on the Status tab and the [Overview] button.
If there is a “Security Violation” entry, do the following:
a. Click on the Security tab.
b. Click on
[Intrusion Log]. “Ports with Intrusion Flag” indicates any ports
for which the alert flag has not been cleared.
c. To clear the current alert flags, click on
[Reset Alert Flags].
To access the web-based Help provided for the switch, click on
[?] in the web
browser screen.
Operating Notes for Port Security
Identifying the IP Address of an Intruder. The Intrusion Log lists
detected intruders by MAC address. If you are using HP TopTools for Hubs &
Switches to manage your network, you can use the TopTools inventory reports
to link MAC addresses to their corresponding IP addresses. (Inventory reports
are organized by device type; hubs, switches, servers, etc.)
Proxy Web Servers. If you are using the switch’s web browser interface
through a switch port configured for Static port security, and your browser
access is through a proxy web server, then it is necessary to do the following:
■ Enter your PC or workstation MAC address in the port’s Authorized
Addresses list.
■ Enter your PC or workstation’s IP address in the switch’s IP Autho-
rized Managers list. See "Using Authorized IP Managers" in the
Management and Configuration Guide for your switch.)
7-22
