🔐 What is Switch Port Security?
Switch Port Security is a Layer 2 security feature available on Cisco switches (and other vendors too) that allows you to control access to a switch port based on the MAC address of devices connected to it. It's mainly used to prevent unauthorized devices from accessing the network.

⚙️ How It Works (Functionality):
When port security is enabled on a switch port:

MAC Address Limiting:
You can limit the number of MAC addresses that are allowed on a single port (e.g., only 1 device is allowed).

Sticky MAC Learning:
The switch can automatically learn the MAC address of the connected device and add it to the port security table. These learned MACs can be saved in the running config using the sticky option.

Violation Modes:
If an unauthorized MAC address tries to access the port, the switch takes action based on the violation mode configured:

Protect: Drops packets from unknown MACs but keeps the port up.

Restrict: Same as protect, but also sends an alert and increments a violation counter.

Shutdown (default): Puts the port into error-disabled state (turns it off).

Aging of MACs:
You can configure aging time to remove dynamic MAC addresses after a certain period if they’re no longer active.

Lab work

Switch port-security
Switch(config)#int fa0/1
Switch(config-if)#switchport mode acc
Switch(config-if)#swit por?
port-security

Switch(config-if)#swit por
Switch(config-if)#swit port-security ?
aging Port-security aging commands
mac-address Secure mac address
maximum Max secure addresses
violation Security violation mode

Switch(config-if)#swit port-security mac
Switch(config-if)#swit port-security mac-address ?
H.H.H 48 bit mac address
sticky Configure dynamic secure addresses as sticky
Switch(config-if)#swit port-security mac-address sticky ?
H.H.H 48 bit mac address

Switch(config-if)#swit port-security mac-address sticky
Switch(config-if)#swi po
Switch(config-if)#swi port-security ?
aging Port-security aging commands
mac-address Secure mac address
maximum Max secure addresses
violation Security violation mode

Switch(config-if)#swi port-security max ?
<1-132> Maximum addresses
Switch(config-if)#swi port-security max 1?
<1-132>

Switch(config-if)#swi port-security max 1

Switch(config-if)#swi port-security violation ?
protect Security violation protect mode
restrict Security violation restrict mode
shutdown Security violation shutdown mode
Switch(config-if)#swi port-security violation shutdown
Switch(config-if)#exit
Switch(config)#
Switch#
%SYS-5-CONFIG_I: Configured from console by console

Show the port security status before pinging the PC:
Switch#sh port
Switch#sh port-security int fa0/1
Port Security : Enabled
Port Status : Secure-up
Violation Mode : Shutdown
Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 1
Total MAC Addresses : 0
Configured MAC Addresses : 0
Sticky MAC Addresses : 0
Last Source Address:Vlan : 0000.0000.0000:0
Security Violation Count : 0

After the ping, the switch automatically learns the MAC address:
Switch#sh port-security int fa0/1
Port Security : Enabled
Port Status : Secure-up
Violation Mode : Shutdown
Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 1
Total MAC Addresses : 1
Configured MAC Addresses : 0
Sticky MAC Addresses : 1
Last Source Address:Vlan : 000D.BDC8.51D7:1
Security Violation Count : 0

Now connect the unauthorized PC to the switch.

You can see the interface is red, which means it is administratively down.
Let's look at the switch CLI:
%LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down

%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up

%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to administratively down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down

Switch#sh port-security int fa0/1
Port Security : Enabled
Port Status : Secure-shutdown
Violation Mode : Shutdown
Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 1
Total MAC Addresses : 1
Configured MAC Addresses : 0
Sticky MAC Addresses : 1
Last Source Address:Vlan : 0007.EC3A.B55E:1
Security Violation Count : 1

Here you can see that the Security Violation Count is now 1.
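
To check many ports for the same condition, the `show port-security interface` output can be parsed and compared between two captures. The script below is an added example, not part of the original lab; the function names are assumptions, and the two sample captures are trimmed from the lab output above.

```python
import re

# Two captures of "show port-security interface fa0/1", trimmed from the lab
# output above: after the sticky MAC was learned, and after the violation.
LEARNED = """\
Port Security : Enabled
Port Status : Secure-up
Violation Mode : Shutdown
Maximum MAC Addresses : 1
Total MAC Addresses : 1
Last Source Address:Vlan : 000D.BDC8.51D7:1
Security Violation Count : 0
"""
VIOLATED = """\
Port Security : Enabled
Port Status : Secure-shutdown
Violation Mode : Shutdown
Maximum MAC Addresses : 1
Total MAC Addresses : 1
Last Source Address:Vlan : 0007.EC3A.B55E:1
Security Violation Count : 1
"""

def parse_port_security(text):
    """Parse 'Field : value' lines; the separator is the colon with spaces
    around it, so the colon inside 'Last Source Address:Vlan' is kept."""
    pairs = re.findall(r"^(.+?)[ \t]+:[ \t]+(.*)$", text, flags=re.MULTILINE)
    return {key.strip(): value.strip() for key, value in pairs}

def check_port(name, before, after):
    """Compare two captures of one port and return a list of findings."""
    old, new = parse_port_security(before), parse_port_security(after)
    if new.get("Port Security") != "Enabled":
        return [f"{name}: port security is not enabled"]
    findings = []
    delta = int(new["Security Violation Count"]) - int(old["Security Violation Count"])
    # The last source address is the most recent MAC seen, not proof of intent.
    mac, _, vlan = new["Last Source Address:Vlan"].rpartition(":")
    if delta > 0:
        findings.append(f"{name}: {delta} new violation(s), last source {mac} vlan {vlan}")
    if new["Port Status"] == "Secure-shutdown":
        findings.append(f"{name}: port is Secure-shutdown")
    return findings

if __name__ == "__main__":
    for finding in check_port("Fa0/1", LEARNED, VIOLATED):
        print(finding)
```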