Solved

Port based security on Cisco Switches

Posted on 2012-03-29
5
373 Views
Last Modified: 2012-06-27
I need to find out which Cisco switches support port based security. I have a network with Cisco voice and data along with their respective vlans, however I need to create some additional vlans and be able to allow access on ports only to specified MAC addresses so that under no circumstances can anyone connect a device and have access to the network. Can someone please offer suggestions and maybe shed some light on what that config would look like.
0
Comment
Question by:ryanva
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 5

Expert Comment

by:andrew1812
ID: 37782170
0
 
LVL 10

Expert Comment

by:mat1458
ID: 37782580
Any IOS switch can do that: 2960, 3560, 3750, 4500, 6500. Also the older ones like 2950, 3550, 4000, 6000 do that. And some of the SMB switches support it as well.

Do yu already have any type of switches?
0
 

Author Comment

by:ryanva
ID: 37782605
I have a Cisco 2960-24PC-L for the voice vlan and two Linksys SGE2000P switches for the data vlan
0
 
LVL 10

Accepted Solution

by:
mat1458 earned 500 total points
ID: 37784027
0
 
LVL 17

Expert Comment

by:TimotiSt
ID: 37786705
Config looks like:

 switchport port-security
 switchport port-security violation restrict

with the addition of a "switchport port-security mac-address sticky" statement.

Please be aware that MAC addresses can be cloned, so 802.1x is a better security tool.

Tamas
0

Featured Post

What, When and Where - Security Threats from Q1

Join Corey Nachreiner, CTO, and Marc Laliberte, Information Security Threat Analyst, on July 26th as they explore their key findings from the first quarter of 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Examines three attack vectors, specifically, the different types of malware used in malicious attacks, web application attacks, and finally, network based attacks.  Concludes by examining the means of securing and protecting critical systems and inf…
In this blog we highlight approaches to managed security as a service.  We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question