摘要 |
A method and system of providing physical port security in a digital data network is disclosed. The system keeps bit maps of allowed physical output ports for each physical network connection. The map of allowed ports can be different for different source addresses connected to the device. When digital data, such as an IP packet, is received, the appropriate physical port security bit map is retrieved and a logical AND is done on the physical port bit map generated by the destination information. The resulting bit map is used to determine which physical ports the data is routed to, blocking any requested destinations that are not appropriate destinations based on the port security bit map.
|