A MAC address-based communication restricting method is disclosed. In the MAC address-based communication restricting method, packet data is received upon request of communication through an Ethernet switch, a MAC destination address and a MAC source address of the received packet data are read, it is determined whether access vectors of the MAC addresses are present in an address entry table, and access is denied if the access vectors (security keys) of the MAC destination and source addresses are not matched.