• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 306
  • Last Modified:

Cisco LAN MAC address security

Does anyone know of a centralized solution (apart from Cisco URT) that will allow me to baseline all the MAC addresses currently on a WAN without having to manually collect them and type them into a filter list on multiple switches, and after will then prevent any new MAC addresses from attaching to the network without authorization?
0
dommurray
Asked:
dommurray
1 Solution
 
lrmooreCommented:
You can use Solarwinds Switchport mapper to get a current map (excel spreadsheet) of all of your existing MAC address/IP address mappings, but there is nothing in it that will enforce "no new mac's"..
The URT is the tool of choice if you're doing this company-wide across a WAN..
If you've got systems that don't happen to be on at the time you run the baseline, they won't show up.
Set your port security to only allow one mac address, set it for 'sticky'. Any port that shows as down at the time you run the baseline, go in and disable them until/unless someone provides you the MAC. Very manual process without the autmoated URT tool or something like it..
0
 
winzigCommented:
there is better sollutiuon than MAC filtering, you can deploy 802.1x and each before any pc will be connected to your network have to be authenticated(using the smard card, domain credentials, certificate ....)
0
 
dommurrayAuthor Commented:
Will 802.1x stop a machine getting an IP address from DHCP and therefore spreading whatever infection it may have over my IP network? I am wondering about any worms/viruses etc that can spread in those circumstances?
0
 
Tim HolmanCommented:
The Vernier solution is pretty neat -

http://www.verniernetworks.com/products/

0
 
happythedogCommented:
could go static assignment of ips and mac address sticky , pain in the *** but effective  , i am inclined to agree with you lrmoore
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Increase Security & Decrease Risk with NSPM Tools

Analyst firm, Enterprise Management Associates (EMA) reveals significant benefits to enterprises when using Network Security Policy Management (NSPM) solutions, while organizations without, experienced issues including non standard security policies and failed cloud migrations

Tackle projects and never again get stuck behind a technical roadblock.
Join Now