The switchport port-security violation shutdown , shuts the port (err-disabled) when the policy is violated. But, for restrict and protect modes there isn't a mention of shutting a port down. So, can the policy be violated unlimited number of times when a switch port is configured with :
switchport port-security violation restrict(or protect)
Cisco Switchport Port-Security Violation Protect – Breach Limits Explained
ciscocisco-commandsmac addressport-securityswitch
Best Answer
Yes, the restrict and protect modes can be violated any number of times without shutting down the port since they are not designed to do that; they will drop packets with unknown source addresses:
See Configuring the Port Security Violation Mode on a Port on page 62-6: