Tuesday, August 4, 2009

Port Security

Reviewed some port security measures last night. The basics are as follows:

**SWITCHPORT MUST BE IN ACCESS MODE TO CONFIGURE PORT SECURITY**
(config-if)# switchport port-security
(config-if)# switchport port-security maximum [#] - how many MAC addresses the interface will accept
(config-if)# switchport port-security mac-address [options] - dynamic, static, sticky, etc...
(config-if)# switchport port-security violation [protect | restrict | shutdown]
  • shutdown - shuts down the port and places it in the err-disabled state :) (it's the default)
  • restrict - drops violating frames, notifies syslog, etc...
  • protect - drops all frames (does not go into err-disabled state)
You can also pre-set your switch to auto-recover ports from the err-disabled state for a plethora of causes. Here are the basics:
(config)# errdisable recovery [interval <seconds> | cause <cause>]

And finally the show command:
show port-security [interface <port>]
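
A quick way to check these settings across a saved running-config, as an added example that is not part of the original post. The sample config and the function names are constructed for illustration; the script assumes the IOS behaviour that options left out of the config are at their defaults (maximum 1, violation shutdown) and that the sub-options do nothing until the bare `switchport port-security` line is present.

```python
import re

# Constructed sample running-config (not from the original post).
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security violation restrict
 switchport port-security mac-address sticky
!
interface FastEthernet0/2
 switchport mode access
 switchport port-security maximum 5
!
interface GigabitEthernet0/1
 switchport mode trunk
!
"""

def audit_port_security(config):
    """Return {interface: settings} for every access-mode port in the config."""
    report = {}
    # Each interface stanza runs from its "interface" line to the next "!".
    for name, body in re.findall(r"^interface (\S+)\n(.*?)^!", config, re.M | re.S):
        lines = [l.strip() for l in body.splitlines()]
        if "switchport mode access" not in lines:
            continue  # the post's rule: port security goes on access ports
        ps = [l[len("switchport port-security"):].strip()
              for l in lines if l.startswith("switchport port-security")]
        # Defaults when a setting is not shown: maximum 1, violation shutdown.
        entry = {"enabled": "" in ps, "maximum": 1, "violation": "shutdown",
                 "sticky": any(o.startswith("mac-address sticky") for o in ps)}
        for opt in ps:
            key, _, value = opt.partition(" ")
            if key == "maximum":
                entry["maximum"] = int(value)
            elif key == "violation":
                entry["violation"] = value
        report[name] = entry
    return report

def unprotected_ports(config):
    """Access ports where the bare 'switchport port-security' line is missing."""
    return [n for n, e in audit_port_security(config).items() if not e["enabled"]]

if __name__ == "__main__":
    print(audit_port_security(SAMPLE_CONFIG))
    print("not enforcing:", unprotected_ports(SAMPLE_CONFIG))
```

FastEthernet0/2 is the case to watch for: a maximum is set, but the feature was never turned on, so nothing is enforced on that port.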
