Re: 802.1X for wired ports

[Russell Fulton <r.fulton () AUCKLAND AC NZ>]

On 16/06/2010, at 3:57 AM, David Gillett wrote:

>   I believe 802.1X is a good solution for "inside" ports, but for "public access" ports a captive portal may be a 
> better option -- redirects browser requests to a login -page and blocks other traffic until login succeeds).  We 
> initially used BlueSocket for our wireless authentication, and it could easily be deployed this way.....
>  
> David Gillett
>
> From: Entwistle, Bruce [mailto:Bruce_Entwistle () REDLANDS EDU] 
> Sent: Monday, June 14, 2010 17:21
> To: SECURITY () listserv educause edu
> Subject: [SECURITY] 802.1X for wired ports
>
> We are currently looking for a method to secure wired ports located in locations accessible by the general public.  
> The network devices to which these ports are connected are Cisco 3750 switches.  I have tested port based 
> authentication however I ran into the problem of not having the required supplicant installed.  We are trying to 
> avoid having to do configuration on the client(student) machines.  I was looking to find out what others have done to 
> prevent users outside the organization from simply connecting their computer through use of a patch cable and surfing 
> the Internet.
>  
> Thank you
> Bruce Entwistle
> Network Manager
> University of Redlands
>