Once a device starts an ARP Poisoning process or sniffing (actively) the port will shutdown (or other chosen action policy). Using the 'mac-address sticky' option you will reduce efforts for managing mac address table on each port, while 'mac-address maximum 2' will grant that no more than 2 MAC addresses can be applied on that port. It is necessary to be able to locate the IP address when programming devices to operate on the same network, because the IP address allows computers, printers and other electronic devices to identify and communicate with one another. Once someone asks you to disable a device, you can match the IP address with its MAC address and disable the port you need.Īlso you can prevent users from 'sniffing' the network by using the 'protected port' feature given by Cisco Catalysts. An IP address is a series of numbers that is unique to each modem, with no two modems having the same address. I would suggest you to do a map of the layer 2 of your network using some simple tool (nmap with -sP option to do a ping sweep of the entire subnet) and gathering the whole information in an Excel file (or equivalent). Also, from a security point of view, a portscan action can be done using a spoofed IP address, so the information given is unreliable.
Since the switch is working at Layer 2 of the OSI model, you cannot associate an IP address on a port, but only a MAC address and the port it is connected.
