Hello everyone,
I have multiple switches (Cisco + Brocade) in one Group.
I want to be able to show the port security (whether it is enabled or not) on all ports of all switches.
How can I do that?
Thank you.
Hello,
Use Compliance Policy Reports.
Rule for Cisco devices:
Config block start: use your interface type.
Brocade - depends on the config; you could also use "Blocks" for searching.
Regards,
Mateusz
Thank you! It works great. I have a few interfaces (they are trunks) where I did not enable port-security (that is normal). Is it possible to skip the check on these interfaces?
Maybe I can add an exception where "switchport mode trunk" is enabled?
Hi naeschlimann,
You can extend the condition -- click on "Add Another String" and define the condition as "must not contain" string "switchport mode trunk".
Jiri
Hi Jiri,
Thank you for your advice, but it does not work well. Look at the print screen below and tell me if I did something wrong. Even if it found trunk and did NOT find port security, it marks the rule as violated.
I am struggling to get a report on port security to report back against all our switches in one single run. That is to say, I can't find a way in either the config block or a regular expression to allow for EITHER a Fast Ethernet or a Gigabit Ethernet interface to be queried. I can get results from an either/or as per this report in the thread, but despite reading a number of other threads I can't seem to figure out a way to get results if the report is run against a fleet of Cisco switches that includes models, some with Fa interfaces and others with Gi interfaces.
Can anyone shine a light on how this might be achieved, please, in one report run?
We have actually tasked a contractor who specialises in Orion to figure out a way to do this, and he has not succeeded either! Perhaps it isn't possible?
Any help appreciated.
Cheers.
Create two separate Rules, one for Gig interfaces and another one for Fa interfaces.
Put those into same Policy and then into Report.
Your Report should have two columns, and a violation should be related only to the specific switch model (of course you can have a 100M switch with 1Gig uplinks, and the report will include those).
Remember to mark this as String NOT found and use blocks (for Gig and Fa).
The first question should be - what do you want to achieve? You want to rule out ports where port-security is disabled?
Cheers,
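
The check this thread is trying to express (per interface block, port-security present, trunks excluded, Fa and Gi ports covered in one run), as an added example that is not part of the original thread and is not SolarWinds NCM code. It assumes Cisco IOS-style configuration text; the function names and the sample config are constructed for illustration.

```python
import re

# One block-start pattern for both FastEthernet and GigabitEthernet ports,
# so a mixed fleet is covered in a single pass.
BLOCK_START = re.compile(r"^interface ((?:Fast|Gigabit)Ethernet\S+)")

def interface_blocks(config):
    """Yield (interface name, [sub-commands]) for each Fa/Gi block.
    A block ends at the next non-indented line ("!" or another command)."""
    name, body = None, []
    for line in config.splitlines():
        m = BLOCK_START.match(line)
        if m or not line.startswith(" "):
            if name:
                yield name, body
            name, body = (m.group(1), []) if m else (None, [])
        elif name:
            body.append(line.strip())
    if name:
        yield name, body

def audit(config):
    """Return {interface: 'ok' | 'violation' | 'skipped (trunk)'}."""
    result = {}
    for name, body in interface_blocks(config):
        if "switchport mode trunk" in body:
            result[name] = "skipped (trunk)"   # the exception asked for above
        elif "switchport port-security" in body:
            # Exact line match: on IOS only the bare command enables the
            # feature; "switchport port-security maximum 2" alone does not.
            result[name] = "ok"
        else:
            result[name] = "violation"
    return result

# Constructed sample config, not taken from any real device.
SAMPLE = """\
interface FastEthernet0/1
 switchport port-security
 switchport port-security maximum 2
!
interface FastEthernet0/2
 switchport port-security maximum 2
!
interface GigabitEthernet0/1
 switchport mode trunk
!
interface GigabitEthernet0/2
 switchport mode access
!
"""
```

Calling `audit(SAMPLE)` flags FastEthernet0/2 and GigabitEthernet0/2, passes FastEthernet0/1, and skips the trunk on GigabitEthernet0/1.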