Jump to content
xisto Community
Sign in to follow this  
abartar

Lock Down Switch Port To Increase Network Security Assign the MAC address to each switch port.

Recommended Posts

One way to boost network security is to use Cisco's Port Security feature to lock down switch ports.A growing challenge facing network administrators is determining how to control who can access the organization's internal network—and who can't. For example, can anyone walk into your office, plug in a laptop, and access your network? You might argue that the wall jack has no connection to a switch, but couldn't someone just pull the Ethernet cable from a working PC and connect to the network that way?You might think this an unlikely scenario, but it does happen. At my organization, there are many times when people walk in and plug in thier laptops to the Info. outlet to get the n/w address.Networks having DHCP are more vulnerable to the attacks.In its most basic form, the Port Security feature remembers the Ethernet MAC address connected to the switch port and allows only that MAC address to communicate on that port. If any other MAC address tries to communicate through the port, port security will disable the port. Most of the time, network administrators configure the switch to send a SNMP trap to their network monitoring solution that the port's disabled for security reasons.This is true with most of the switches.... 3Com, Cisco etc....However, as you know, there's usually a downside. In this case, it's that the network administrator is the only one who can "unlock" the port, which can cause problems when there are legitimate reasons to change out devices.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.