Controlling Traffic
and Switch Access
See the following sections for configuration information about these topics:
■
11-1: Broadcast Suppression: Describes the method for preventing the switch from
forwarding excessive broadcasts received on a port
11-2: Protocol Filtering: Explains how to configure a port to prevent forwarding of
■
flood packets of a particular protocol out a port
11-3: Port Security: Provides the information required to configure a port for use
■
only by a specified list of clients based on MAC addresses
■
11-4: VLAN Access Control Lists: Describes how to control the traffic that passes
through a Layer 2 switch using access control lists applied to a VLAN
11-5: Switch Authentication: Explains how to configure the switch for use of a
■
RADIUS, TACACS, or TACACS+ for authentication into the switch
11-6: Access Class: Shows how to create a list of hosts that are permitted to access
■
the switch for management purposes (Telnet, SNMP, and HTTP)
■
11-7: SSH Telnet Configuration: Provides the information needed to configure the
switch for Secure Shell Telnet logins
■
11-8: 802.1X Port Authentication: Describes how to configure a port to require a
login or certificate for user authentication before granting access to the network
11-9: Layer 2 Security: Explains how to configure Layer 2 security features to
■
prevent known security attacks
Note Many of the traffic-control features covered in this chapter are dependent on the
hardware and products. As you read through this chapter, note that many of the commands
differ between the product lines and that some of the features discussed are not supported.
Chapter 11