Discussions

Sticky ports

Tags:
+
0 Votes
Locked

Sticky ports

kevaburg
For me the best solution is to use sticky MAC addresses on switch ports and not necessarily to use DHCP to control the access. A MAC address will be registered during the client systems start-up and if the MAC doesn't match what is in the MAC table the port will be closed down, requiring administrative intervention.
  • +
    0 Votes
    .Martin.

    as to what you are referring to?

    +
    0 Votes
    CharlieSpencer

    The 'DHCP ports' discussion.

    +
    0 Votes
    kevaburg

    .....not using DHCP to restrict access. On most managed switches there is a switchport security function that will essentially "lock" a switchport to a MAC address. With unused ports being shut down there is very little chance (never say never!) of a rogue device coming onto the network. Unplugging a legal device and replacing it with one that is not allowed will cause the port to close down.

  • +
    0 Votes
    .Martin.

    as to what you are referring to?

    +
    0 Votes
    CharlieSpencer

    The 'DHCP ports' discussion.

    +
    0 Votes
    kevaburg

    .....not using DHCP to restrict access. On most managed switches there is a switchport security function that will essentially "lock" a switchport to a MAC address. With unused ports being shut down there is very little chance (never say never!) of a rogue device coming onto the network. Unplugging a legal device and replacing it with one that is not allowed will cause the port to close down.