EX Series Switch Software Features Overview
Security Features for EX Series Switches Overview
Port Security for EX Series Switches Overview
Understanding How to Protect Access Ports on EX Series Switches from Common Attacks
Understanding DHCP Snooping for Port Security on EX Series Switches
Understanding DAI for Port Security on EX Series Switches
Understanding MAC Limiting and MAC Move Limiting for Port Security on EX Series Switches
Understanding Trusted DHCP Servers for Port Security on EX Series Switches
Understanding IP Source Guard for Port Security on EX Series Switches
Understanding DHCP Option 82 for Port Security on EX Series Switches
Example: Configuring Port Security, with DHCP Snooping, DAI, MAC Limiting, and MAC Move Limiting, on an EX Series Switch
Example: Configuring MAC Limiting, Including Dynamic and Allowed MAC Addresses, to Protect the Switch from Ethernet Switching Table Overflow Attacks
Example: Configuring a DHCP Server Interface as Untrusted to Protect the Switch from Rogue DHCP Server Attacks
Example: Configuring MAC Limiting to Protect the Switch from DHCP Starvation Attacks
Example: Configuring DHCP Snooping and DAI to Protect the Switch from ARP Spoofing Attacks
Example: Configuring Allowed MAC Addresses to Protect the Switch from DHCP Snooping Database Alteration Attacks
Example: Configuring DHCP Snooping, DAI , and MAC Limiting on an EX Series Switch with Access to a DHCP Server Through a Second Switch
Example: Configuring IP Source Guard with Other EX Series Switch Features to Mitigate Address-Spoofing Attacks on Untrusted Access Interfaces
Example: Configuring IP Source Guard on a Data VLAN That Shares an Interface with a Voice VLAN
Example: Setting Up DHCP Option 82 with an EX Series Switch as Relay Agent Between Clients and a DHCP Server
Example: Setting Up DHCP Option 82 on an EX Series Switch with No Relay Agent Between Clients and DHCP Server
Configuring Port Security (CLI Procedure)
Configuring Port Security (J-Web Procedure)
Enabling DHCP Snooping (CLI Procedure)
Enabling DHCP Snooping (J-Web Procedure)
Enabling a Trusted DHCP Server (CLI Procedure)
Enabling a Trusted DHCP Server (J-Web Procedure)
Enabling Dynamic ARP Inspection (CLI Procedure)
Enabling Dynamic ARP Inspection (J-Web Procedure)
Configuring MAC Limiting (CLI Procedure)
Configuring MAC Limiting (J-Web Procedure)
Configuring MAC Move Limiting (CLI Procedure)
Configuring MAC Move Limiting (J-Web Procedure)
Setting the none Action on an Interface to Override a MAC Limit Applied to All Interfaces (CLI Procedure)
Configuring IP Source Guard (CLI Procedure)
Configuring Static IP Addresses for DHCP Bindings on Access Ports (CLI Procedure)
Setting Up DHCP Option 82 with the Switch as a Relay Agent Between Clients and DHCP Server (CLI Procedure)
Setting Up DHCP Option 82 on the Switch with No Relay Agent Between Clients and DHCP Server (CLI Procedure)
Configuring Autorecovery From the Disabled State on Secure or Storm Control Interfaces (CLI Procedure)
[edit ethernet-switching-options] Configuration Statement Hierarchy
[edit forwarding-options] Configuration Statement Hierarchy
allowed-mac
arp-inspection
circuit-id
dhcp-option82
dhcp-snooping-file
dhcp-trusted
disable-timeout
ethernet-switching-options
examine-dhcp
interface
ip-source-guard
location
mac
mac-limit
mac-move-limit
no-allowed-mac-log
no-gratuitous-arp-request
port-error-disable
prefix (for circuit-id)
prefix (for remote-id)
remote-id
secure-access-port
show system statistics arp
static-ip
timeout
traceoptions
use-interface-description
use-string
use-vlan-id
vendor-id
vlan (for secure-access port)
vlan (for static-ip)
write-interval
Monitoring Port Security
Verifying That DHCP Snooping Is Working Correctly
Verifying That a Trusted DHCP Server Is Working Correctly
Verifying That DAI Is Working Correctly
Verifying That MAC Limiting Is Working Correctly
Verifying That MAC Move Limiting Is Working Correctly
Verifying That IP Source Guard Is Working Correctly
Verifying That the Port Error Disable Setting Is Working Correctly
clear arp inspection statistics
clear dhcp snooping binding
clear dhcp snooping statistics
show arp inspection statistics
show dhcp snooping binding
show dhcp snooping statistics
show ethernet-switching table
show ip-source-guard
http://kb.juniper.net/
Troubleshooting Port Security
