Mitigate MAC Address Table Attacks – Port Security

Port security limits the number of valid MAC addresses allowed on a port

It allows an administrator to manually configure MAC addresses for a port or to permit the switch to dynamically learn a limited number of MAC addresses

When a port configured with port security receives a frame, the source MAC address of the frame is compared to the list of secure source MAC addresses that were manually configured or dynamically learned on the port

The simplest and most effective method to prevent MAC address table overflow attacks is to enable port security

By limiting the number of permitted MAC addresses on a port to one, port security can be used to control unauthorized access to the network