Filter
Top Products
CHAPTER
Send documentation comments to mdsfeedback-doc@cisco.com.
31-1
Cisco MDS 9000 Family Fabric Manager Configuration Guide
OL-6965-03, Cisco MDS SAN-OS Release 2.x
31
Port Security
All switches in the Cisco MDS 9000 Family provide port security features that reject intrusion attempts
and report these intrusions to the administrator.
Note Port Security is only supported for Fibre Channel ports.
This chapter includes the following sections:
• About Port Security, page 31-1
• Configuring Port Security, page 31-3
• Configuring Port Security Manually, page 31-6
About Port Security
Typically, any Fibre Channel device in a SAN can attach to any SAN switch port and access SAN
services based on zone membership. Port security features prevent unauthorized access to a switch port
in the Cisco MDS 9000 Family:
• Login requests from unauthorized Fibre Channel devices (Nx ports) and switches (xE ports) are
rejected.
• All intrusion attempts are reported to the SAN administrator through system messages.
About Auto-Learn
You can instruct the switch to automatically learn (auto-learn) the port security configurations over a
specified period. This feature allows any switch in the Cisco MDS 9000 Family to automatically learn
about devices and switches that connect to it. Use this feature to activate the port security feature for the
first time as it saves manual configuration for each port. Auto-learn is configured on a per-VSAN basis.
If enabled, devices and switches that are allowed to connect to the switch are automatically learned, even
if you have not configured any port access.