Configuring port security

Port security combines and extends 802.1X and MAC authentication to provide MAC-based network access control. It applies to networks that require different authentication methods for different users on a port, such as a WLAN.

Port security prevents unauthorized access to a network by checking the source MAC address of inbound traffic and prevents access to unauthorized devices by checking the destination MAC address of outbound traffic.

Port security can control MAC address learning and authentication on a port to make sure the port learns only source trusted MAC addresses.

A frame is illegal if its source MAC address cannot be learned in a port security mode or if it is from a client that has failed 802.1X or MAC authentication. The port security feature automatically takes a pre-defined action on illegal frames. This automatic mechanism enhances network security and reduces human intervention.

	NOTE: For scenarios that require only 802.1X authentication or MAC authentication, Hewlett Packard Enterprise recommends that you use the 802.1X authentication or MAC authentication feature rather than port security. For more information about 802.1X and MAC authentication, see "Configuring 802.1X" and "Configuring MAC authentication."