![switchport port security mac address sticky maximum switchport port security mac address sticky maximum](https://www.ictshore.com/wp-content/uploads/2017/02/1028-02-Checking_configuration.png)
A secure port cannot be a destination port for Switched Port Analyzer (SPAN).
![switchport port security mac address sticky maximum switchport port security mac address sticky maximum](http://4.bp.blogspot.com/-MeQJ4tXuQsQ/U-SugR2YQtI/AAAAAAAAA-Q/Uug9JFPnrnA/s1600/7.11.jpg)
Port security can only be configured on static access ports or trunk ports.In this mode, the VLAN is error disabled instead of the entire port when a violation occurs shutdown vlan-Use to set the security violation mode per-VLAN.When a secure port is in the error-disabled state, you can bring it out of this state by entering the errdisable recovery cause psecure-violation global configuration command, or you can manually re-enable it by entering the shutdown and no shut down interface configuration commands. shutdown-a port security violation causes the interface to become error-disabled and to shut down immediately, and the port LED turns off.An SNMP trap is sent, a syslog message is logged, and the violation counter increments. In this mode, you are notified that a security violation has occurred. restrict-when the number of secure MAC addresses reaches the maximum limit allowed on the port, packets with unknown source addresses are dropped until you remove a sufficient number of secure MAC addresses to drop below the maximum value or increase the number of maximum allowable addresses.The protect mode disables learning when any VLAN reaches its maximum limit, even if the port has not reached its maximum limit.
![switchport port security mac address sticky maximum switchport port security mac address sticky maximum](http://i.ytimg.com/vi/U_6PLc6I438/maxresdefault.jpg)
We do not recommend configuring the protect violation mode on a trunk port. You are not notified that a security violation has occurred.