1. Home
  2. D-Link
  3. D-Link DGS-1210 User Manual
  4. Page 83

D-Link DGS-1210 Smart Managed Gigabit Switches

User Manual - Page 83

For DGS-1210.

PDF File Manual, 127 pages, Read Online | Download pdf file

DGS-1210 photo
Loading ...
Loading ...
Loading ...
4 Configuration D-Link Smart Managed Switch User Manual
78
The Smart Binding function is port-based, meaning that a user can enable or disable the function on any
individual port. Once Smart Binding is enabled on a switch port, the switch will restrict or allow client access
by checking the pair of IP-MAC addresses with the pre-configured database, also known as the “IMPB white
list”.
Users can enable or disable the Inspection packets and DHCP Snooping on the Switch.
Figure 4.104Security > Smart Binding > Smart Binding Settings
The Smart Binding Settings page contains the following fields:
From Port/ To Port: Select a range of ports to set for IP-MAC-port binding.
State: Use the drop-down menu to enable or disable these ports for Smart Binding.
Enabled Enable Smart Binding with related configurations to the ports
Disabled Disable Smart Binding.
Packet Inspection: Specifies ARP Inspection or IP+ARP Inspection for the IP packets. If ARP inspection is
selected, the Switch will inspect incoming ARP packets and compare them with the Switch’s Smart Binding
white list entries. If the IP-MAC pair of an ARP packet is not found in the white list, the Switch will block the
MAC address. A major benefit of Loose state is that it uses less CPU resources. However, it cannot block
malicious users who send only unicast IP packets. An example of this is that a malicious user can perform
DoS attacks by statically configuring the ARP table on their PC. In this case, the Switch cannot block such
attacks because the PC will not send out ARP packets. If ARP+ IP Inspection mode is selected, the Switch
will inspect all incoming ARP and IP packets and compare them to the IMPB white list. If the IP-MAC pair
find a match in the white list, the packets from that MAC address are unblocked. If not, the MAC address will
stay blocked. While the mode examines every ingress ARP and IP packet, it enforces better security.
DHCP Snooping: By enable DHCP Snooping, the switch will snoop the packets sent from DHCP Server and
clients, and update information to the White List. This includes DHCPv6 snooping.
Click Apply to make configurations make effects.
Security > Smart Binding > Smart Binding
The Smart Binding Settings page allows users to set IP-MAC-Port Binding entries by manually entering
required information, or by scanning all connected devices and clicking to bind.
Loading ...
Loading ...
Loading ...