General discussion


Port security feasibility

By fimos ·
I have a client that has implemented port security in which a MAC address is assigned to each network port (they currently have about 400 workstations). As this is a fairly small company but as it is growing at about 30% per year I am wondering if this is going to be feasible or if the administrative overhead in maintaining this is too much. Does anyone have any experiences where this has happened or am I making it too complicated?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

by TechKid In reply to Port security feasibility

Depends on what your client's business is. The administrative overhead is definitely going to be a pain. The only company I've heard of with that many clients that's doing MAC filtering is the Department of Defense. If you're in an industry that requires EXTREME security then I would say yes, do it. However, if you're just a regular shop I would say it's very uncommon to maintain that type of control.

Collapse -

by pgm554 In reply to Port security feasibility

If they are paranoid and use MAC addresses as security because IP addresses can be spoofed,well so can MAC addresses, and it ain't all that hard to do.

Collapse -

by Darthkim In reply to Port security feasibility

We have the same issue here and we are looking to implement 802.1x for port based authentication. This allows you to have dynamic vlan assignment, username authentication and etc. There are some downsides (as older and some non windows os's don't support 802.1x yet). You still can integrate MAC addressing with it, but if you are looking at a 30% growth rate, i would definitely look into it. Good Luck

Collapse -

by fimos In reply to Port security feasibility

This question was closed by the author

Related Discussions

Related Forums