Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

how can i blcok wireless hub connect to our company

Posted on 2012-03-23
6
Medium Priority
?
358 Views
Last Modified: 2012-03-23
hello Expert
in our company, some users bring a wireless hub connect to network, so that they using WIFI on cell phone or iPad etc, i just want to know does it possible block this?
all end user desk port are connecting to several Cisco 2950 switch, and core switch is Cisco 3550, does it possible configure ports on 2950 which could only get computer connected others not?

thank you
0
Comment
Question by:beardog1113
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 19

Expert Comment

by:helpfinder
ID: 37756202
I recommand you firtsly to issue some internal document, policy that this is forbiden to do and they could be punished for such a behavior by employer

no extrra smart idea from my side, only what I have on my mind is to set your DHCP to give IP to concrete MAC address (so you collect all MAC addresses in your company and match them with particular IP) - this could solve your problem but on other hand I agree this is not a handy solution (especialy in large enviroment)
or you could get a wifi router mac and block it so your DHCP won´t assign IP to it (but if your users are a little bit IT experienced I am sure they wil be able to change routers MAC and they are online back)
0
 
LVL 7

Accepted Solution

by:
PaulNSW earned 2000 total points
ID: 37756219
You can also use Cisco's port security settings

Read the article here
http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/port_sec.html
0
 
LVL 5

Expert Comment

by:abhishek1986
ID: 37756225
If you have a small client base, you can map MAC Addresses to a particular port of the switch, which gives you additional security and solves your problem of some external devices being added to the network.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 37

Expert Comment

by:Neil Russell
ID: 37756323
MAC Authentication is of course the best way. You could easily script with powershell, WMI to collect all of the MAC Addresss of your company computers.
0
 
LVL 44

Expert Comment

by:Darr247
ID: 37758297
The only problem with that (MAC-based ACLs) is, I have never seen a consumer grade router than did not have a MAC Cloning function to make it appear to be the computer that is actually hooked to one of the router's LAN ports, configuring it.

So, a Network Usage Policy with repeated violations subject to disciplinary action, is the best way to go, in my opinion... with occassional sweeps using a laptop running WiFi Inspector or inSSIDer to look for rogue access points just to show them they CAN be detected and found.
0
 

Author Closing Comment

by:beardog1113
ID: 37759620
yes, port-security helps, i have test it and thats great, but not sure if the hub support MAC clone will what happen, this is not test.

anyway thanks
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will step through configuring a SonicWALL appliance to utilize an internal DHCP server for Global VPN Client (GVC) hosts.  There are times when using an external (external to the SonicWALL) DHCP server, such as Windows Servers, isn’t pr…
#Citrix #Netscaler #MSSQL #Load Balance
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question