RE: Port Security on switches?



Don't patch down ports unless they are needed can be a start.

You can use a solution like Cisco Clean Access (CAS/CAM) , great product, but with a price tag. Works wonder for things like this. It can dynamically alter port settings and DMZ/segement off unauthorized systems..etc.

- Nick

-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx] On Behalf Of Albert R. Campa
Sent: Friday, March 14, 2008 2:22 PM
To: security-basics
Subject: Port Security on switches?

Do you use it? Is it a good idea network wide? Yes I guess it could be
an administrative pain but I want to see how it is used these days.

Is there an alternative?

My concern is people connecting non authorized laptops to the network
and getting an IP then access. What is a common/effective way to be
notified of any new device connected to the network?

Sure we have physical security(guards 24/7) in our main building,
badge access security in our other building, but visitors such as
vendors, contractors, etc come often and its basically left up to
their sponsors to ensure they dont connect anything to a free port on
the wall.

Comments are appreciated.

Albert



Relevant Pages

  • RE: Printing from Win9x clients stops
    ... > and make sure this software does not interfere with SBS Server. ... > clients, please disable it and try again. ... Create a local printer and redirect the port to the network server. ...
    (microsoft.public.windows.server.sbs)
  • RE: SBS 2003, ISA 2004
    ... ISA and IIS try listening on these two ports. ... by default the Web Proxy is listening on port 8080 ... of the local network adapter. ... Microsoft CSS Online Newsgroup Support ...
    (microsoft.public.windows.server.sbs)
  • Re: ERS 8600, simple setup, IP, VLANs, etc.
    ... management port is just used to hang an IP address to. ... associated with an interface, such as a VLAN. ... fairly functionally homogenous network), but something that is ... or OS virtuallization - except that networks have been doing this kind of ...
    (comp.dcom.sys.nortel)
  • network slowness/freez-up since update 10/11
    ... network problems: first the network is slow (even within a few ... network - but not the rest of the system - just locks up (can't ping ... OHCI version 1.0, legacy support ... <Parallel port bus> on ppc0 ...
    (freebsd-current)
  • network slowness/freez-up since update 10/11
    ... network problems: first the network is slow (even within a few ... network - but not the rest of the system - just locks up (can't ping ... OHCI version 1.0, legacy support ... <Parallel port bus> on ppc0 ...
    (freebsd-current)