Showing results for 
Search instead for 
Did you mean: 
Level 16

Re: Detecting Port Security

In the advanced config search portion of the page, right now you're looking for where the

"Config file" "Must Contain" "Find String" and "switchport port-security"

Just "Add another string" and have it do something like

"Config file" "Must NOT Contain" "Find String" "switchport mode trunk"

By having 2 comparisons within the config block, it should accomplish what you're looking for in a better way.  If you want to be a bit more "secure" in what you're doing, you could change it from "Find String" to a Regex pattern and anchor the strings to the beginning of the line, that way it can't be fooled if those strings end up in a description for instance...   So it would be something like "\s+switchport port-security" instead of what you have.   You could also do the EOL anchor if you wanted to also, but you might not depending on how you configure port-security.

Let me know if that makes sense!

Re: Detecting Port Security

hmmm it seems doing that it no longer limits the search to only ports configured with switchport mode access. which is to be expected. the only downfall with that is if i have a port that is not configured at all it shows it as a violation as well.

looks like some more tinkering is in order

0 Kudos