Back to glossary

Port Security

A Layer 2 security feature that restricts access to a switch port based on the MAC addresses of connected devices.

Categorynetwork

Overview

Port Security allows an administrator to control which devices are allowed to connect to specific physical ports on a switch. It is a primary defense against unauthorized devices joining the network.

Features

  • Maximum MACs: Limits the number of MAC addresses allowed on a port.
  • Sticky MACs: Dynamically learns MAC addresses and saves them to the running configuration.
  • Violation Actions: Defines what happens when an unauthorized device connects:
  • Shutdown: Disables the port (default).
  • Restrict: Drops traffic and logs the violation.
  • Protect: Drops traffic silently.