i recently had a report from one of my remote sites stating that they had a broadcast storm that specifically trageted the energywise feature of these switches.
have you heard of such an attack, if yes, how would you mitigate against it.
I have not heard of this type of attack, but any broadcast/multicast/unicast storm can be controlled, see the below link.
Energywise use broadcast in its neighbor discovery queries Layer 2 or UDP port 43440 (default), responses are unicast. It is possible that broadcast storm happen using these broadcasts. You can manualy set neighbors and/or you can use some of the techniques from the Andrew's post to mitigate and control multicast storms.
Thanks Alex...1 last question. We have storm-control broadcast level 0.10 set on some of the interfaces...what does the 0.10 represent.?
storm-control broadcast level is the percentage of the available bandwith on the interface (if it is 6500 series)for the controlled traffic (in this case broadcast) for the interval of time (1 sec). The level is specified in percentage 0(stop controlled traffic) - 100(disable control). In your case 0.10 means 0.10 percent of the available bandwidth is permitted for broadcast packets.
For more about storm-control on cat 6500 check this link:
Please mark the question as answered if you have got the answer to you question. It will be easier for the others to find solutions to common problems.