Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 325
  • Last Modified:

Securing Conference Rooms

Hello,

 Can anyone offer any suggestions/best practices on how to effectively secure non-domain users from plugging into meeting room switches?
0
sin20
Asked:
sin20
2 Solutions
 
Barry GillChief of StaffCommented:
Create multiple DHCP scopes and make use of VLAN's.
Have VLAN 1 service your internal network and VLAN 2 service your meeting rooms.
Have DHCP scope 1 serviceVLAN 1s and DHCP scope 2 service VLAN 2.
VLAN 2 then gets internet access only (as why else are you letting people connect) and any user from VLAN 1 that wants to connect to internal services must log into a VPN in order to gain access.
Your users will be annoyed by this at first, so manage their expectations and let them know why you are doing this.
0
 
sin20Author Commented:
Thank you for your reply and suggestion.  I'm not sure the VPN solution is our best bet as we use RSA and I'm sure I won't sell management on distrbiuting tokens for this.

0
 
Barry GillChief of StaffCommented:
create an internal secondary vpn, one that does not require tokens
0
 
Nasir-SiddiqueCommented:
If your switch is capable....you can use 802.1x based VLANs. 802.1x based VLAn uses authentication which can be integrated to the AD or any other users database, thus if a user without proper credential tries to plug into your network using those conference room sockets, he/she will be asked for use name and password. Untill the credentialsare not verified, no IP address will be provided to the user. You will have a secure access from that area using 802.1x.
0
 
TolomirAdministratorCommented:
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now