What is the primary purpose of port security on a switch?

Port security focuses on who can access a switch port by controlling the MAC addresses the port will learn. By limiting the number of MAC addresses or specifying which addresses are allowed, the switch prevents devices that aren’t authorized from sending frames through that port, which greatly reduces the risk of MAC address spoofing and unauthorized connections. When a device with a new or unauthorized MAC tries to use the port beyond the configured limit, a violation occurs and the port can be set to shut down, restrict traffic, or drop frames from that device, depending on the mode chosen. This approach keeps the port from being exploited by rogue devices without changing how traffic is encrypted or its speed, and it’s not about blocking all traffic by default.