Re: Application or Software to detect or Block unmanaged swicthes

[Kasper Adel <karim.adel () gmail com>]

I guess you can do that and more with a linux based switch like cumulus and
pica8.

They allow you to do all sorts of things like that because they are open.

On Thursday, June 7, 2018, <keith () contoocook net> wrote:

> In my previous life, we used a nac appliance from Bradford Networks
> whereby the mac address of every device needed to be registered or the
> switch port it was plugged into would be disabled.
> This kept spurious devices from appearing on the network and worked quite
> well.
> Cheers, Keith
>
> Sent from my android device.
>
> -----Original Message-----
> From: Jason Hellenthal <jhellenthal () dataix net>
> To: segs <michaelolusegunrufai () gmail com>
> Cc: nanog () nanog org
> Sent: Thu, 07 Jun 2018 7:54
> Subject: Re: Application or Software to detect or Block unmanaged swicthes
>
> As someone already stated the obvious answers, the slightly more difficult
> route to be getting a count of allowed devices and MAC addresses, then
> moving forward with something like ansible to poll the count of MAC’s on
> any given port ... of number higher than what’s allowed, suspend the port
> and send a notification to the appropriate parties.
>
>
> All in all though sounds like a really brash thing to do to your network
> team and will generally know and have a very good reason for doing so...
> but not all situations are created equally so good luck.
>
>
> --
>
> The fact that there's a highway to Hell but only a stairway to Heaven says
> a lot about anticipated traffic volume.
>
> > On Jun 7, 2018, at 03:57, segs <michaelolusegunrufai () gmail com> wrote:
> >
> > Hello All,
> >
> > Please I have a very interesting scenario that I am on the lookout for a
> > solution for, We have instances where the network team of my company
> bypass
> > controls and processes when adding new switches to the network.
> >
> > The right parameters that are required to be configured on the switches
> > inorder for the NAC solution deployed to have full visibility into end
> > points that connects to such switches are not usually configured.
> >
> > This poses a problem for the security team as they dont have visibility
> > into such devices that connect to such switches on the NAC solution, the
> > network guys usually connect the new switches to the trunk port and they
> > have access to all VLANs.
> >
> > Is there a solution that can detect new or unmanaged switches on the
> > network, and block such devices or if there is a solution that block
> users
> > that connect to unmanaged switches on the network even if those users
> have
> > domain PCs.
> >
> > Anticipating your speedy response.
> >
> > Thank You!