we have the following standard config of switch port. but frequently when users try to copy big files, or use ftp, prequently the port get's locked down. We would like to somehow protect our network, but would be safe to increase the level of storm controls?
I would say that it was the storm-control unicast level 85 that was causing your problem. I would simply remove it, it is not very useful on an access port anyway.
Usually your trunk links have a higher bandwidth than each individual access port, so it it sufficient to let the bandwidth of the port limit the unicast traffic.
If you really want to limit the unicast traffic from the access port, then you might be able to use the QoS tools for that, depending on which switch you have.
Oh, and it is normally bad practice to put spanning-tree bpdufilter on your access ports unless you absolutely need to for some obscure reason. You are inviting your users to connect two ports together with a cross-cable and so bring down the whole network. (Althouth your storm-control will migitate that in your case.)
I noticed there is no switchport access vlan in you config. Was this left out in purpose for the post, and do you set them in real life, or are you using vlan 1 for your access-ports. If the last is true, it is stongly recommended to not use vlan 1.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...