Solved

Intrusion Detection System

Posted on 2004-08-05
1
200 Views
Last Modified: 2010-04-12
I currently use cisco 6000 switches & 2600 routers. I also have 'real secure' IDS but it's not yet implemented.

There are contractors working on our compound who require network access. We supply them with PCs however we recently discovered that they also plug in their personal laptops onto our lan ports.

Is there any system available that can detect & prevent such an occurence? Is this a feature available in the switches or do I require software
0
Comment
Question by:isltt
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 14

Accepted Solution

by:
chris_calabrese earned 500 total points
ID: 11726459
The most straight-forward way to do this is to record all the MAC addresses in use at your site (you can get them from the router arp caches), load them into the switches, and then shunt any unknown MAC's to a dead-end VLAN.

This not only keeps contractors/vendors from plugging in their own PC's, but also keeps employees from purchasing new systems that haven't gone through the "official" setup/purchasing process.

The other option is to implement something like Cisco's just-recently-released NAC product, which can do things like check whether machines have appropriate patches and anti-virus signatures, enforce that they are domain members, etc., etc.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Targeted Phishing Attacks 3 61
Wildfly 9 Security Hardening 2 427
Identity hacked! can I notify FBI? 14 1,534
Is TightVNC easily hacked on Windows 10 ? 13 797
SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question