Hello,

802.1x port-security with mac addresses is already supported.

Please add port-security that limits number of hosts that can be associated with an interface for both port- and mac-based authentication types.

With port-based authentication type this allows to secure the port after the first client got authenticated.

Please also add port-security violation which sets the action taken in security violation.

Protect: - In this action mode frames from non-allowed address would be dropped. It will not make log entry for dropped frames. Interface will learn address until it reach maximum allowed number. Any additionally learned addresses would be dropped while keeping interface operational.

Restrict: - In restrict action mode frames from non-allowed address would be dropped. But in this mode, switch will make a log entry and generate a security violation alert.

Shutdown: - In this action mode switch will generate the violation alert and disable the port. The admin can reenable the port.