Solved

Securing Conference Rooms

Posted on 2010-11-19
6
317 Views
Last Modified: 2012-05-10
Hello,

 Can anyone offer any suggestions/best practices on how to effectively secure non-domain users from plugging into meeting room switches?
0
Comment
Question by:sin20
6 Comments
 
LVL 9

Accepted Solution

by:
Barry Gill earned 250 total points
ID: 34174855
Create multiple DHCP scopes and make use of VLAN's.
Have VLAN 1 service your internal network and VLAN 2 service your meeting rooms.
Have DHCP scope 1 serviceVLAN 1s and DHCP scope 2 service VLAN 2.
VLAN 2 then gets internet access only (as why else are you letting people connect) and any user from VLAN 1 that wants to connect to internal services must log into a VPN in order to gain access.
Your users will be annoyed by this at first, so manage their expectations and let them know why you are doing this.
0
 

Author Comment

by:sin20
ID: 34175145
Thank you for your reply and suggestion.  I'm not sure the VPN solution is our best bet as we use RSA and I'm sure I won't sell management on distrbiuting tokens for this.

0
 
LVL 9

Expert Comment

by:Barry Gill
ID: 34177252
create an internal secondary vpn, one that does not require tokens
0
 
LVL 3

Assisted Solution

by:Nasir-Siddique
Nasir-Siddique earned 250 total points
ID: 34182013
If your switch is capable....you can use 802.1x based VLANs. 802.1x based VLAn uses authentication which can be integrated to the AD or any other users database, thus if a user without proper credential tries to plug into your network using those conference room sockets, he/she will be asked for use name and password. Untill the credentialsare not verified, no IP address will be provided to the user. You will have a secure access from that area using 802.1x.
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 35814071
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article outlines the process to identify and resolve account lockout in an Active Directory environment.
In this increasingly digital world, security hacks are no longer just a threat, but a reality. As we've witnessed with Target's big identity hack 2013, Heartbleed in 2015, and now Cloudbleed, companies and their leaders need to prepare for the unthi…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question