1. Cisco Network Support Certifications 2. Networking Terms 3. INTRODUCTION TO NETWORKING 4. TYPES OF NETWORK 5. The Development of the Internet 6. NETWORK ARCHITECTURE 7. TOPOLOGY 8. BUS TOPOLOGY 9. RING TOPOLOGY 10. STAR TOPOLOGY 11. MESH TOPOLOGY 12. HYBRID TOPOLOGY 13. Speed of Networking device 14. NETWORK DEVICES 15. Exploring Wireless Network 16. REPEATERS 17. HUB 18. SWITCH 19. BRIDGE 20. ROUTERS 21. TRANSMISSION Telecommunication 22. Difference between Full Duplex, Half Duplex and Simplex 23. IP-ADDRESSING and IPV4 24. IPv4 address classes 25. IPV6 [ Internet Protocol Version 6 ] 26. SPEED OF VARIOUS DEVICES 27. Network Security 28. Some basic suggestion and steps to prevent Attacks and Network security 29. OSI model 30. UPPER and LOWER Layer 31. Application Layer (Layer 7) 32. Presentation Layer (Layer 6) 33. Session Layer (Layer 5) 34. Transport Layer (Layer 4) 35. Network Layer (Layer 3) 36. Data Link Layer 2 37. Physical Layer 1 38. TCP/IP The DoD Model 39. ROUTED PROTOCOL 40. Ports and Application 41. Important Application, Protocol and Port Number 42. Router Function 43. Types of Routing Protocols 44. STARTING ROUTER 45. CISCO IOS 46. Logging in to the Router 47. CISCO Router IOS commands List 48. Setting time and date of router 49. Router configuration commands 50. Optimizing Switch and Router 51. Understanding Router Terms 52. ROUTER SECURITY 53. Configuring CISCO SWITCH Security Policy 54. IMPLEMENTING STATIC ROUTING 55. UNDERSTANDING THE NEED FOR NAT 56. WAN Connections 57. Access List [ACL] 58. VLAN [Virtual Local Area Network] 59. SPANNING TREE :- BROADCAST STORM 60. Lab 1 Setting up a Serial Interface 61. Lab 2 : IP Addressing 62. Lab 3 Static Routes 63. Lab 4 Default Routes 64. Lab 5 RIP Routes 65. Lab 6 IGRP Routes 66. Lab 7 EIGRP Routes 67. Lab 8 OSPF Routes 68. Lab 9 CHAP and RIP 69. Lab 10 Standard Access-Lists with RIP 70. Lab 11 Extended Access-Lists with RIP 71. Lab 12 Static NAT 72. Lab 13 Many to One NAT 73. Lab 14 NAT Pool 74. Lab 15 ( 2950 Trunk ) 75. Lab 16 ( 2950 Trunk Dynamic ) 76. Lab 17 (2950 VLANs) 77. Lab 18 ( 2950 Deleting VLANs ) 78. Lab 19 ( 2950 VTP ) 79. Lab 20 ( 2950 VTP w/ client ) 80. Lab 21 ( 2950 Telnet )
Pr.Pg Next Pg

Configuring CISCO SWITCH Security Policy tutorials

To restrict single port by connecting multiport switch.

  • This is possible when one 1 mac address switch port, anyone who tries to attach multiple port switch or hub to connect to particular port and create another extended star network.

  • To restrict it do as shown here.


Switch(config)# show ip interface brief

Switch(config)# terminal monitor

Switch(config)# show mac address-table

Switch(config)# interface fastEthernet 0/5 or interface f3 0/5

Switch(config-if )# switchport mode access

Switch(config)# switchport port-security maximum 1


Switchport port security

  • What happens if someone connect multiport switch/hub It gives 3 option (Protect / Restrict / Shutdown )


Switch(config)# switchport port-security violation ?


Switchport port security protect

  • Protect : mode will only ignore it, only first mac address will work and rest will be Ignored when someone attach multiple port switch.


Switch(config)# switchport port-security violation Protect


Switchport port security restrict

  • Restrict will display message when someone tries to connect switch with multiple port. It will ignore remaining mac address and log message.

Switch(config)# switchport port-security violation Restrict


Switchport port security shutdown

  • Shutdown : when somebody try to attach multiple port hub on this port, then This port will shutdown. To again activate it you need to apply No shutdown on this interface.

Switch(config)# switchport port-security violation shutdown


Restrict port to use only specific mac address

  • This command will register mac address given to port no 0/5.

  • Anyone Other than this mac address will not be able to use switch.

  • However this will take very good time if you try to restrict each Interface by manually entering mac address of each desktop/laptop To check effect of above command


Switch(config)# switchport port-security mac-address 0015.cba1.eefa

Automatically assigning MAC address to switch

  • In above case you need to put lots of manual effort in entering Mac addresses of each desktop, laptop, switches. While sticky command can be applied when everything in organization is connected.

  • It will Automatically hardcode the mac address in running configuration.


Switch(config)# switchport port-security mac-address sticky

Switch(config)# ^z

Switch# show running-config

Switch# show port-security interface fastEthernet 0/5

Switch# show port-security


Automatically assigning MAC address to all Ports of Switch

  • It is time consuming and very difficult to set mac address for each ports.

  • So you can set range of ports for which you want to stick MAC address to switch.

  • Do as follows.


Switch# config terminal

Switch(config)# interface range fastEthernet 0/2 - 24

Switch(config)# switchport mode access

Switch(config)# switchport port-security mac-address sticky

Switch(config)# ^z

Pr.Pg border                                              Next Pg