Solved

Intrusion Detection System

Posted on 2004-08-05
1
195 Views
Last Modified: 2010-04-12
I currently use cisco 6000 switches & 2600 routers. I also have 'real secure' IDS but it's not yet implemented.

There are contractors working on our compound who require network access. We supply them with PCs however we recently discovered that they also plug in their personal laptops onto our lan ports.

Is there any system available that can detect & prevent such an occurence? Is this a feature available in the switches or do I require software
0
Comment
Question by:isltt
1 Comment
 
LVL 14

Accepted Solution

by:
chris_calabrese earned 500 total points
ID: 11726459
The most straight-forward way to do this is to record all the MAC addresses in use at your site (you can get them from the router arp caches), load them into the switches, and then shunt any unknown MAC's to a dead-end VLAN.

This not only keeps contractors/vendors from plugging in their own PC's, but also keeps employees from purchasing new systems that haven't gone through the "official" setup/purchasing process.

The other option is to implement something like Cisco's just-recently-released NAC product, which can do things like check whether machines have appropriate patches and anti-virus signatures, enforce that they are domain members, etc., etc.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Cybersecurity has become the buzzword of recent years and years to come. The inventions of cloud infrastructure and the Internet of Things has made us question our online safety. Let us explore how cloud- enabled cybersecurity can help us with our b…
Article by: btan
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
This video discusses moving either the default database or any database to a new volume.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now