Security Basics mailing list archives

Re: Port Security on switches?

From: Predrag Petrović <pedjap () gmail com>
Date: Sat, 15 Mar 2008 02:03:19 +0100

Hello,

The best way is to implement Port-Based security. If the switches support
802.1x authentication then this is the best method for securing your network
(this helps on wired and wireless LANs). I am using it in both scenarios and
I have no problems at all. I am isolating users to a quarantine VLAN and
filtering their access to our network.

If you need additional information please ask.

Predrag


On 3/14/08 7:21 PM, "Albert R. Campa" <abcampa () gmail com> wrote:

Do you use it? Is it a good idea network wide? Yes I guess it could be
an administrative pain but I want to see how it is used these days.

Is there an alternative?

My concern is people connecting non authorized laptops to the network
and getting an IP then access. What is a common/effective way to be
notified of any new device connected to the network?

Sure we have physical security(guards 24/7) in our main building,
badge access security in our other building, but visitors such as
vendors, contractors, etc come often and its basically left up to
their sponsors to ensure they dont connect anything to a free port on
the wall.

Comments are appreciated.

Albert

Current thread:

Port Security on switches? Albert R. Campa (Mar 14)
- RE: Port Security on switches? Nick Duda (Mar 17)
- RE: Port Security on switches? Petter Bruland (Mar 17)
- RE: Port Security on switches? Bob Emerson (Mar 17)
- Re: Port Security on switches? Predrag Petrović (Mar 17)
- Re: Port Security on switches? Abe Getchell (Mar 17)
- Re: Port Security on switches? Logan Douglas (Mar 17)
- RE: Port Security on switches? Sule, Mohammed (Mar 21)
- <Possible follow-ups>
- Re: RE: Port Security on switches? CG (Mar 18)