Solved

Securing Conference Rooms

Posted on 2010-11-19
6
321 Views
Last Modified: 2012-05-10
Hello,

 Can anyone offer any suggestions/best practices on how to effectively secure non-domain users from plugging into meeting room switches?
0
Comment
Question by:sin20
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 9

Accepted Solution

by:
Barry Gill earned 250 total points
ID: 34174855
Create multiple DHCP scopes and make use of VLAN's.
Have VLAN 1 service your internal network and VLAN 2 service your meeting rooms.
Have DHCP scope 1 serviceVLAN 1s and DHCP scope 2 service VLAN 2.
VLAN 2 then gets internet access only (as why else are you letting people connect) and any user from VLAN 1 that wants to connect to internal services must log into a VPN in order to gain access.
Your users will be annoyed by this at first, so manage their expectations and let them know why you are doing this.
0
 

Author Comment

by:sin20
ID: 34175145
Thank you for your reply and suggestion.  I'm not sure the VPN solution is our best bet as we use RSA and I'm sure I won't sell management on distrbiuting tokens for this.

0
 
LVL 9

Expert Comment

by:Barry Gill
ID: 34177252
create an internal secondary vpn, one that does not require tokens
0
 
LVL 3

Assisted Solution

by:Nasir-Siddique
Nasir-Siddique earned 250 total points
ID: 34182013
If your switch is capable....you can use 802.1x based VLANs. 802.1x based VLAn uses authentication which can be integrated to the AD or any other users database, thus if a user without proper credential tries to plug into your network using those conference room sockets, he/she will be asked for use name and password. Untill the credentialsare not verified, no IP address will be provided to the user. You will have a secure access from that area using 802.1x.
0
 
LVL 27

Expert Comment

by:Rainer Meller
ID: 35814071
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ready for our next Course of the Month? Here's what's on tap for June.
A look at what happened in the Verizon cloud breach.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Suggested Courses
Course of the Month10 days, 16 hours left to enroll

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question