1 00:00:00,416 --> 00:00:05,125 In the previous video, we already learn about violation shutdown. 2 00:00:05,623 --> 00:00:13,229 Remember that we have 3 option for violation, which is shutdown, restrict, and protect. 3 00:00:13,867 --> 00:00:20,687 If we use violation shutdown, the interface will be shutdown, the light will become red. 4 00:00:21,709 --> 00:00:27,400 But if we use restrict or protect, the interface will not shutdown. 5 00:00:27,872 --> 00:00:33,408 The interface will still up, but all of packet will be blocked. 6 00:00:34,187 --> 00:00:40,727 So even the interface is up, but the hacker still can not send any packet. 7 00:00:41,519 --> 00:00:46,556 Next, we will talk about the differences between restrict and protect. 8 00:00:47,450 --> 00:00:54,817 If we use restrict, the security violation count will be increase every time the violation is reach, 9 00:00:55,596 --> 00:01:01,239 but if we use protect, the security violation count will never increase. 10 00:01:01,916 --> 00:01:03,260 What is that means? 11 00:01:04,294 --> 00:01:06,165 Let’s go to the switch, 12 00:01:14,849 --> 00:01:22,095 here when we check in the port security, we can see security violation count. 13 00:01:22,644 --> 00:01:30,751 If we use protect, the security violation count will always 0, but if we use restrict, 14 00:01:30,751 --> 00:01:35,906 the security violation count will increase every time the violation is reach. 15 00:01:37,387 --> 00:01:41,527 Okay that is the differences between restrict and protect. 16 00:01:42,472 --> 00:01:46,172 In this video, we are going to try protect first. 17 00:01:46,823 --> 00:01:52,899 In this case we will configure port security on interface connected to server 3, 18 00:01:53,550 --> 00:01:57,134 which is interface fa0/3. 19 00:01:58,079 --> 00:02:06,511 Let’s open the switch, go to interface fa0/3 and then set the mode to access. 20 00:02:07,315 --> 00:02:13,400 Remember that we need to change the mode to access before configuring port security 21 00:02:14,779 --> 00:02:18,309 Next, let’s activate the port security. 22 00:02:19,867 --> 00:02:26,809 Now let’s configure the mac address, in this case, I will configure using sticky, 23 00:02:27,550 --> 00:02:32,132 so the switch will detect the mac address of server automatically. 24 00:02:33,422 --> 00:02:36,377 Next, let’s configure maximum to 1. 25 00:02:39,735 --> 00:02:42,797 And then we will use violation protect. 26 00:02:44,253 --> 00:02:51,144 Let’s check the configuration, do show port-security interface fa0/3. 27 00:02:52,114 --> 00:03:00,417 Here we can see that port security is enabled, the status is secure up, violation mode protect, 28 00:03:00,927 --> 00:03:05,310 and if we see here the sticky mac address is still 0. 29 00:03:06,000 --> 00:03:09,658 This is means that server3 is not registered yet. 30 00:03:10,437 --> 00:03:13,363 Let’s try to send packet from server 3. 31 00:03:15,470 --> 00:03:22,932 Let’s check in the switch again, okay here we can see that now sticky mac address is 1, 32 00:03:23,468 --> 00:03:26,517 this is means that server 3 is registered. 33 00:03:27,961 --> 00:03:38,504 Now let’s try to move cable from server 3 to the hacker pc. Let’s try ping from hacker 34 00:03:38,504 --> 00:03:47,887 to server 2, here we can see that the result is failed, but the light is still orange, 35 00:03:48,461 --> 00:03:50,740 let’s click fast forward time. 36 00:03:51,838 --> 00:03:56,884 Let’s try to ping from hacker again, okay still failed. 37 00:03:57,255 --> 00:04:05,565 Let’s test again, still failed, let’s test to server 1, also failed. 38 00:04:06,101 --> 00:04:08,546 Test again, still failed. 39 00:04:09,440 --> 00:04:14,443 This is means that the hacker can not send any packet to anywhere. 40 00:04:15,643 --> 00:04:23,911 But here we can see that the light is still green, this is means that the port is not shutdown. 41 00:04:24,369 --> 00:04:31,380 This is because we use violation protect, remember that if we use violation protect, 42 00:04:31,380 --> 00:04:36,786 the interface is not shutdown, but all of packet will be blocked. 43 00:04:37,667 --> 00:04:44,611 Let’s check the port security, do show port-security interface fa0/3. 44 00:04:45,824 --> 00:04:54,573 Here we can see that the status is still secure up, and security violation count is still 0. 45 00:04:56,116 --> 00:05:03,410 Once again, remember that if we use violation protect, the security violation count never increased. 46 00:05:04,112 --> 00:05:09,531 But if we use restrict, the security violation count will increase. 47 00:05:10,949 --> 00:05:15,000 Okay now let’s bring the cable back to server 3. 48 00:05:17,792 --> 00:05:24,416 Fast forward time, and then let’s try to send packet from server 3 to server 2. 49 00:05:25,412 --> 00:05:28,283 Here we can see that the result is success. 50 00:05:28,871 --> 00:05:35,218 Let’s test again from server 3 to pc, okay this is also success. 51 00:05:36,584 --> 00:05:44,153 So here, when we bring the cable back to the right server, the server will able to communicate again. 52 00:05:44,706 --> 00:05:50,493 This is different with violation shutdown, if we use violation shutdown, we will need 53 00:05:50,493 --> 00:05:55,664 to use command shutdown and then no shutdown to enable the interface. 54 00:05:56,890 --> 00:06:04,609 But if we use violation protect, the server will up, without doing any additional configuration. 55 00:06:06,000 --> 00:06:12,376 Okay I think enough for this video, in the next video we are going to learn about violation 56 00:06:12,376 --> 00:06:13,375 restrict. 57 00:06:13,950 --> 00:06:17,300 Thankyou for watching and see you on the next video.