Variable definitions

Use the data in the following table to configure general switch security.

Variable Value
AuthSecurityLock If this parameter is listed as locked, the agent refuses all requests to modify the security configuration. Entries also include:
  • other
  • notlocked
AuthCtlPartTime Indicates the duration of time for port partitioning in seconds. Default: 0 (zero). When the value is zero, port remains partitioned until it is manually reenabled.
SecurityStatus Indicates whether or not the switch security feature is enabled.
SecurityMode Indicates the mode of switch security. Entries include:
  • macList—Indicates that the switch is in the MAC-list mode. You can configure more than one MAC address for a port.
  • autoLearn—Indicates that the switch learns the MAC addresses on each port as allowed addresses of that port.
SecurityAction Indicates the actions performed by the software when a violation occurs (when SecurityStatus is enabled). The security action specified here applies to all ports of the switch.

A blocked address causes the port to be partitioned when unauthorized access is attempted. Selections include:

  • noAction—Port does not have security assigned to it, or the security feature is turned off.
  • trap—Listed trap.
  • partitionPort—Port is partitioned.
  • partitionPortAndsendTrap—Port is partitioned and traps are sent to the trap receive station.
  • daFiltering—Port filters out the frames where the destination address field is the MAC address of unauthorized Station.
  • daFilteringAndsendTrap—Port filters out the frames where the destination address field is the MAC address of unauthorized station. Traps are sent to trap receive stations.
  • partitionPortAnddaFiltering— Port is partitioned and filters out the frames where the destination address field is the MAC address of unauthorized station.
  • partitionPortdaFilteringAndsendTrap—Port is partitioned and filters out the frames where the destination address field is the MAC address of unauthorized station. Traps are sent to trap receive stations.

Attention

da means destination addresses.

CurrNodesAllowed Indicates the current number of entries of the nodes allowed in the AuthConfig tab.
MaxNodesAllowed Indicates the maximum number of entries of the nodes allowed in the AuthConfig tab.
PortSecurityStatus Indicates the set of ports for which security is enabled.
PortLearnStatus Indicates the set of ports where autolearning is enabled.
CurrSecurityLists Indicates the current number of entries of the Security listed in the SecurityList tab
MaxSecurityLists Indicates the maximum entries of the Security listed in the SecurityList tab.
AutoLearningAgingTime Indicates the MAC address age-out time, in minutes, for the autolearned MAC addresses. A value of zero (0) indicates that the address never ages out.
AutoLearningSticky (sticky-mac) Enables or disables MAC security auto-learning sticky mode.