Re: Port Security on switches?

[Logan Douglas <logan () ssanz net>]

Hi Albert

Yes it would be advisable to setup network port security, You want to  
have management across the switch so that you can open the port upon  
request.

You certainly don't want a kid with a laptop plugging in and spreading  
a bot throughout your net, So be careful.

Also - Record down all network equipments MAC address, and set the  
DHCP server to only assign valid IP's to those legit mac addresses. (  
<- this stops skidz from coming onto your network and spreading  
malware or gaining access to servers they are not soposed too )

Good luck :)

Best Regards,
Logan Douglas

***************************************

Server Systems Administration NZ

Server Security | Server Systems Management

ServerSystemsAdministration.COM | SSANZ.NET | ServerSecurityNZ.COM

***************************************


Quoting "Albert R. Campa" <abcampa () gmail com>:

> Do you use it? Is it a good idea network wide? Yes I guess it could be
> an administrative pain but I want to see how it is used these days.
>
> Is there an alternative?
>
> My concern is people connecting non authorized laptops to the network
> and getting an IP then access. What is a common/effective way to be
> notified of any new device connected to the network?
>
> Sure we have physical security(guards 24/7) in our main building,
> badge access security in our other building, but visitors such as
> vendors, contractors, etc come often and its basically left up to
> their sponsors to ensure they dont connect anything to a free port on
> the wall.
>
> Comments are appreciated.
>
> Albert