1-2Intrusion protectionThe intrusion protection feature checks the source MAC addresses in inbound frames and takes apre-defined action accordingly upon detecting illegal frames. The action may be disabling the porttemporarily, disabling the port permanently, or blocking frames from the MAC address for three minutes(unmodifiable).TrapThe trap feature enables the device to send trap messages upon detecting specified frames that resultfrom, for example, intrusion or user login/logout operations, helping you monitor special activities.Port Security ModesThe port security modes can be two types:z Control of MAC addresses learning: Contains two modes. MAC address learning is permitted on aport in one mode and disabled in the other mode. Authentication is not involved.z Authentication: Security modes of this type use MAC authentication, or 802.1X authentication ortheir combinations to implement authentication.Upon receiving a packet, the port in a security mode searches the MAC address table for the sourceMAC address. If a match is found, the port forwards the packet. If no match is found, the port learns theMAC address or performs authentication according to the security mode. Upon detecting illegal packetsor events, the port takes the pre-defined action configured in NTK, intrusion protection or trap sending.Table 1-1 describes the port security modes and the security features.Table 1-1 Port security modesOn the port, if you want to… Use the security mode…Feature thatcan betriggeredUse the defaultnoRestrictionsIn this mode, port security is disabled on the port andaccess to the port is not restricted.—autoLearnControl MAC address learningsecureNTK/intrusionprotectionuserLogin —userLoginSecureuserLoginSecureExtPerform 802.1X authenticationuserLoginWithOUINTK/intrusionprotectionPerform MAC authentication macAddressWithRadius NTK/intrusionprotectionmacAddressElseUserLoginSecureElsemacAddressElseUserLoginSecureExtmacAddressOrUserLoginSecurePerform a combination of MACauthentication and 802.1Xauthentication OrmacAddressOrUserLoginSecureExtNTK/intrusionprotection