What prevents a user from connecting an unauthorized device?

Connecting an unauthorized device can spread a virus over the network. It also allows anyone to connect and capture confidential data from your systems with ease. This can result in compromised passwords and many other security vulnerabilities.

How to prevent it?

Security is multi-level and multi-layered.

The first line of defense is port security.

Basic Steps:

MAC address

Configure the switch port to allow specific MAC addresses. Use the command switchport port-security mac-address and type the MAC address. If you want to configure the currently connected device on the port, use the command switchport port-security mac-address sticky.

Maximum

This is the maximum number of secure MAC addresses for the interface. One or more devices can be plugged in (e.g., an IP phone and a PC). The default value is one.

Violation

If a device with a different MAC address (one that is not configured on the port) tries to connect, a violation has occurred.

Actions that can be taken on a violation:

Shutdown

Shuts down the port (error-disabled state). This is the default action. The port comes back on only when the admin resets the port. Even if the configured device is plugged back in, the port won't be switched on.

Protect

Stops the traffic on the port when a device with a different MAC tries to connect. If you reconnect the configured device, it will allow the traffic.

Restrict

Stops the traffic on the port when a device with a different MAC tries to connect. If you reconnect the configured device, it will allow the traffic. It also registers the violation (how many times a violation occurred).
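
An added example, not from the original page: a small Python audit that reads a switch running-config and reports access ports where the settings described above are missing or weak. The sample configuration is constructed, and the function names (parse_ports, audit) and the two checks are this example's own choices.

```python
import re

# Constructed running-config excerpt (sample input, not from a real switch).
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security mac-address sticky
 switchport port-security violation restrict
!
interface FastEthernet0/2
 switchport mode access
 switchport port-security violation restrict
!
interface FastEthernet0/3
 switchport mode access
 switchport port-security
 switchport port-security violation protect
"""
PREFIX = "switchport port-security"

def parse_ports(config):
    """Return {interface: settings}; unset options keep the defaults (maximum 1, shutdown)."""
    ports, cur = {}, None
    for line in config.splitlines():
        m = re.match(r"interface (\S+)", line)
        if m:
            cur = ports[m.group(1)] = {"access": False, "enabled": False,
                                       "maximum": 1, "violation": "shutdown"}
        elif cur is not None and line.startswith(" "):
            cmd = line.strip()
            opt = re.match(PREFIX + r" (maximum|violation) (\S+)", cmd)
            if cmd == "switchport mode access":
                cur["access"] = True
            elif cmd == PREFIX:
                cur["enabled"] = True   # other port-security options are inactive without this line
            elif opt:
                cur[opt.group(1)] = int(opt.group(2)) if opt.group(2).isdigit() else opt.group(2)
    return ports

def audit(config):
    """Return {interface: issue} for access ports that need attention."""
    report = {}
    for name, p in parse_ports(config).items():
        if p["access"] and not p["enabled"]:
            report[name] = "port security is not enabled"
        elif p["enabled"] and p["violation"] == "protect":
            report[name] = "protect mode does not register violations"
    return report
```

FastEthernet0/2 is flagged even though it has a violation mode set, because the bare switchport port-security line that turns the feature on is missing.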