What prevents a user from connecting an unauthorized device?
An unauthorized device connected to the network can spread a virus across it. If nothing prevents it, anyone can connect and capture confidential data from your system with ease. This can result in compromised passwords and many other security vulnerabilities.
How to prevent it?
Security is multi-level and multi-layered.
The first line of defense is port security.
Basic Steps:
MAC address
Configure the switch port to allow specific MAC addresses. Use the command switchport port-security mac-address and type the MAC address. If you want to configure the currently connected device on the port, use the command switchport port-security mac-address sticky.
Maximum
The maximum number of secure MAC addresses for the interface. One or more devices can be plugged in (e.g., an IP phone and a PC). The default value is one.
Violation
If a device with a different MAC address (one that is not configured on the port) tries to connect, a violation has occurred.
Actions that can be taken on a violation:
Shutdown
Shuts down the port (error-disabled state). This is the default action. The port comes back on when an admin resets it. Even if the configured device is plugged back in, the port won't be switched on.
Protect
Stops the traffic on the port when a device with a different MAC address tries to connect. If you reconnect the configured device, traffic is allowed again.
Restrict
Stops the traffic on the port when a device with a different MAC address tries to connect. If you reconnect the configured device, traffic is allowed again. Registers the violation (counts how many times a violation occurred).
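The three steps above combined into one interface configuration, as an added example that is not part of the original page. The interface name, the MAC address, the maximum of two and the choice of the restrict action are assumptions made for illustration.

```cisco
! Added example: FastEthernet0/5 and 0011.2233.4455 are constructed placeholders.
configure terminal
interface FastEthernet0/5
 ! Port security cannot be enabled on a dynamic port, so fix the mode first
 switchport mode access
 ! Enable the feature; the settings below are not enforced until this is entered
 switchport port-security
 ! Maximum: two secure MAC addresses (IP phone and PC); the default is 1
 switchport port-security maximum 2
 ! MAC address: one address typed in by hand ...
 switchport port-security mac-address 0011.2233.4455
 ! ... and the other learned from the device currently connected to the port
 switchport port-security mac-address sticky
 ! Violation: shutdown is the default; restrict stops the traffic and counts it
 switchport port-security violation restrict
end
! Sticky addresses are written to the running configuration; save to keep them
copy running-config startup-config
! Check port status, violation mode, maximum and the violation count
show port-security interface FastEthernet0/5
! Check the secure MAC addresses and how each one was learned
show port-security address
! If the shutdown action had been used and the port were error-disabled,
! an admin would reset it from interface configuration mode with:
!  shutdown
!  no shutdown
```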