?
Solved

Protecting a socket with an AP connected

Posted on 2009-04-21
4
Medium Priority
?
309 Views
Last Modified: 2013-11-09
Hi

I have various Cisco A1200 wireless placed around our building and I am concerned about somebody unplugging the A1200 and plugging a non authorised piece of equipment  into the socket. General I would use Port Security to lock down a socket to a device that was plugged into it via its MAC, but I can't do this with the A1200  sockets as it has multiple MACs are registered on the port.

Is there a way I can secure the socket the wireless units are plugged into from unauthorised access?

We use A1230 AP, 4402 WLAN Controllers, 3560 and 3750 switches

Thanks
0
Comment
Question by:BESKEE
  • 2
4 Comments
 
LVL 12

Expert Comment

by:jjmartineziii
ID: 24198288
You could either use security face plates (face plates are screwed so you can't access the plugs) or setup notifications in which the 4402 sends you a message when the AP is down (which is good anyways).

Do either of these work for you?
0
 
LVL 9

Accepted Solution

by:
Donboo earned 750 total points
ID: 24200126
I do belive that WLC version 5.2 (and 5.1 if I remember correct) supports 802.1x on AP level and I think the 1230 supports it also, which enables you to implement 802.1x in your entire network and not worring about anyone unplughing a ap or host and gain unauthorized access to your network. This would also negate the MAC address control that you manually are doing and not limiting anyone to a certain port in a certain switch as long as they have the right credentials.

If you dont want to implement 802.1x on the entire network you can just do it on the ports connecting the APs.
0
 

Author Comment

by:BESKEE
ID: 24215700
The Security face plate seem simple but effective solution, however I don't seem to be able find any. Do you have any links to site that sell them?

Monitoring is only good if I am on site and we are not always there

The AP1230 we use apparently are not capable of becoming supplicants so we can't use the 802.1x for authorization.
http://www.cisco.com/en/US/tech/tk722/tk720/technologies_configuration_example09186a00809fbd21.shtml
0
 
LVL 12

Assisted Solution

by:jjmartineziii
jjmartineziii earned 750 total points
ID: 24215990
http://www.blackbox.com/Store/Results.aspx/Infrastructure-Hardware/Jacks-and-Wallplates/Wallplates/GigaStation-Secure-Faceplates/n-4294965102/p-0

I know a few more vendors sell a product like it. Leviton and Hubbell do but I can't find the part number at the moment.
0

Featured Post

What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I see many questions here on Experts Exchange regarding switch port configurations and trunks. This article is meant for beginners in the subject to help to get basic knowledge about Virtual Local Area Network (VLAN (http://en.wikipedia.org/wiki/Vir…
This article is a step by step guide on how to create a basic PTP link using Ubiquiti airOS devices. This guide can be used on the following Ubiquiti AirMAX devices. Nanostation, Bullets, AirBridge, Nanobeam, NanoBridge to name a few. Please review …
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…
Screencast - Getting to Know the Pipeline
Suggested Courses

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question