I'm wanting to set up Port Security to limit Ethernet ports on Cisco switches to a single MAC address. This is easy enough to do; however, I know we have a lot of users with hubs on their desks and I'd rather gather info on these users first and issue warnings than just auto-disable their connections.
I was hoping Port Security would have a Violation Mode which just sends an SNMP trap but still allows traffic to be forwarded. Then after a warning, I can change the mode and start blocking ports with >1 MAC.
I've been checking "show mac-address table" manually and looking for duplicate interface entries, but this is painfully slow & ultimately not very accurate. Has anybody any other ideas? This needs to be done on various different types of Cisco switch (from 2900 to 6500), including some CatOS.
Any guidance much appreciated.
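
The manual check described in the question can be scripted over saved switch output. The following is an added example, not part of the original post: it counts distinct MAC addresses per port and lists the ports above the limit. The function names are hypothetical, the sample output is constructed, and the table layouts (IOS-style dotted MACs, CatOS-style hyphenated MACs) are assumptions to verify against your own switches.

```python
import re
from collections import defaultdict

# Constructed sample in an assumed IOS-style MAC table layout.
SAMPLE_IOS = """\
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
   1    0011.2233.4401    DYNAMIC     Fa0/1
   1    0011.2233.4402    DYNAMIC     Fa0/2
   1    0011.2233.4403    DYNAMIC     Fa0/2
  10    0011.2233.4403    DYNAMIC     Fa0/2
   1    0011.2233.4404    DYNAMIC     Gi0/1
   1    0011.2233.4405    DYNAMIC     Gi0/1
   1    0011.2233.4406    DYNAMIC     Gi0/1
   1    0100.5e00.0001    STATIC      CPU
"""

# Constructed sample in an assumed CatOS-style CAM table layout.
SAMPLE_CATOS = """\
VLAN  Dest MAC/Route Des    [CoS]  Destination Ports or VCs / [Protocol Type]
----  ------------------    -----  -------------------------------------------
1     00-11-22-33-44-07             2/1 [ALL]
1     00-11-22-33-44-08             2/3 [ALL]
1     00-11-22-33-44-09             2/3 [ALL]
"""

MAC_RE = re.compile(
    r"\b(?:[0-9a-f]{4}\.){2}[0-9a-f]{4}\b|\b(?:[0-9a-f]{2}-){5}[0-9a-f]{2}\b", re.I)
# Physical ports only (Fa0/1, Gi1/0/24, 2/3); CPU and Po1 are deliberately skipped.
PORT_RE = re.compile(r"\b[A-Za-z]*\d+(?:/\d+)+\b")

def macs_per_port(output):
    """Map each port to the set of distinct MACs learned on it."""
    ports = defaultdict(set)
    for line in output.splitlines():
        mac = MAC_RE.search(line)
        if not mac:
            continue  # header, separator or summary line
        port = PORT_RE.search(line, mac.end())
        if port:
            # Normalise so one MAC seen in several VLANs counts once.
            ports[port.group()].add(re.sub(r"[^0-9a-f]", "", mac.group().lower()))
    return ports

def ports_over_limit(output, limit=1, ignore=()):
    """Ports with more than `limit` MACs; list known uplinks in `ignore`."""
    return {p: sorted(m) for p, m in macs_per_port(output).items()
            if len(m) > limit and p not in ignore}
```

Uplink and trunk ports legitimately carry many MACs, so pass them in `ignore`; the table also ages entries out, so repeated runs over time give a more complete picture than a single snapshot.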