Solved

Intrusion Detection System

Posted on 2004-08-05
1
201 Views
Last Modified: 2010-04-12
I currently use cisco 6000 switches & 2600 routers. I also have 'real secure' IDS but it's not yet implemented.

There are contractors working on our compound who require network access. We supply them with PCs however we recently discovered that they also plug in their personal laptops onto our lan ports.

Is there any system available that can detect & prevent such an occurence? Is this a feature available in the switches or do I require software
0
Comment
Question by:isltt
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 14

Accepted Solution

by:
chris_calabrese earned 500 total points
ID: 11726459
The most straight-forward way to do this is to record all the MAC addresses in use at your site (you can get them from the router arp caches), load them into the switches, and then shunt any unknown MAC's to a dead-end VLAN.

This not only keeps contractors/vendors from plugging in their own PC's, but also keeps employees from purchasing new systems that haven't gone through the "official" setup/purchasing process.

The other option is to implement something like Cisco's just-recently-released NAC product, which can do things like check whether machines have appropriate patches and anti-virus signatures, enforce that they are domain members, etc., etc.
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
This article investigates the question of whether a computer can really be cleaned once it has been infected, and what the best ways of cleaning a computer might be (in this author's opinion).
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question