Network security notifications

By default, a switch is enabled to send the SNMP notifications listed in Supported Notifications when a network security event (For example, authentication failure) occurs. However, before security notifications can be sent, you must first configure one or more trap receivers or SNMPv3 management stations as described in:

You can manage the default configuration of the switch to disable and re-enable notifications to be sent for the following types of security events:

  • ARP protection events

  • Inability to establish a connection with the RADIUS or TACACS+ authentication server

  • DHCP snooping events

  • Dynamic IP Lockdown hardware resources consumed

  • Link change notification

  • Invalid password entered in a login attempt through a direct serial, Telnet, or SSH connection

  • Manager password changes

  • Port-security (web, MAC, or802.1X) authentication failure

  • SNMP authentication failure

  • Running configuration changes