Configuring Port and System Security 517Port Security (Port-MAC Locking)The Port Security feature allows you to limit the number of source MACaddresses that can be learned on a port. If a port reaches the configured limit,any other addresses beyond that limit are not learned and the frames arediscarded. Frames with a source MAC address that has already been learnedwill be forwarded.The purpose of this feature, which is also known as port-MAC locking, is tohelp secure the network by preventing unknown devices from forwardingpackets into the network. For example, to ensure that only a single device canbe active on a port, you can set the number of allowable dynamic addresses toone. After the MAC address of the first device is learned, no other devices willbe allowed to forward frames into the network.When link goes down on a port, all of the dynamically locked addresses arecleared from the source MAC address table the feature maintains. When thelink is restored, that port can once again learn addresses up to the specifiedlimit.The port can learn MAC addresses dynamically, and you can manually specifya list of static MAC addresses for a port.Default 802.1X ValuesTable 19-2 lists the default values for the Port Security feature.Configuring Port Security Configuration (Web)This section provides information about the OpenManage SwitchAdministrator pages for configuring and monitoring the IEEE 802.1Xfeatures and Port Security on a PowerConnect 7000 Series switch. For detailsabout the fields on a page, click at the top of the page.Table 19-3. Default Port Security ValuesFeature DescriptionPort security UnlockedPort security traps DisabledMaximum learned MAC addresses 100 (when locked)Monitor mode Disabled