[Search for users] [Overall Top Noters] [List of all Conferences] [Download this site]

Conference netcad::hub_mgnt

Title:	DEChub/HUBwatch/PROBEwatch CONFERENCE
Notice:	Firmware -2, Doc -3, Power -4, HW kits -5, firm load -6&7
Moderator:	NETCAD::COLELLADT

Created:	Wed Nov 13 1991
Last Modified:	Fri Jun 06 1997
Last Successful Update:	Fri Jun 06 1997
Number of topics:	4455
Total number of notes:	16761

827.0. "Security&configuration" by MAADSP::DJAMES () Wed Mar 16 1994 04:54

    I had a customer who saw a demo of hubwatch on the 900 and he asked two
    questions that I could not answer.
    
    
    1. Can you set security on a particular port to prevent someone who may
    have a sniffer from seeing or generating data?
    
    2. Can a group of ports be assigned to a to different segments?
      
       Example DECrepeater ports a1-a7 configured for lan1 b1-b7 for lan2.
    
    d.j.

T.R Title User Personal
Name Date Lines

827.1 DELNI::GIUNTA Wed Mar 16 1994 11:56 22

T.R	Title	User	Personal Name	Date	Lines
827.1		DELNI::GIUNTA		`Wed Mar 16 1994 11:56`	22
	Yes, you can set security on a per port basis on the repeaters. Notes 601 and 356 have more details on it, so you might want to refer there. You can have eavesdropping protection so that the sniffer will only receive a jam pattern since it's address will not be the one that is expected. However, with the current repeaters, the sniffer would be able to send a message [intrusion] but the intrusion would be logged. You can set the repeater to disable the port on intrusions, or just log it. Future repeaters will be able to also jam the intruding message. Regarding your second question, current repeaters cannot have ports assigned to different LAN's. That capability will not be available until Q1/Q2 when the port switching repeaters [DETPT, DETPJ, and DECPM] start shipping. The only exception to that today is the DEFMM, DECrepeater 900FP, which is a fiber repeater and will allow pairs of ports to be assigned to different LAN's. Regards, Cathy

    Yes, you can set security on a per port basis on the repeaters.
    Notes 601 and 356 have more details on it, so you might want
    to refer there.  You can have eavesdropping protection so that
    the sniffer will only receive a jam pattern since it's address
    will not be the one that is expected. However, with the current
    repeaters, the sniffer would be able to send a message [intrusion]
    but the intrusion would be logged.
    
    You can set the repeater to disable the port on intrusions,
    or just log it.  Future repeaters will be able to also jam the
    intruding message.
    
    Regarding your second question, current repeaters cannot have ports
    assigned to different LAN's.  That capability will not be 
    available until Q1/Q2 when the port switching repeaters [DETPT,
    DETPJ, and DECPM] start shipping.  The only exception to that
    today is the DEFMM, DECrepeater 900FP, which is a fiber repeater
    and will allow pairs of ports to be assigned to different
    LAN's.  
    
    Regards,
    Cathy