• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 383
  • Last Modified:

Port based security on Cisco Switches

I need to find out which Cisco switches support port based security. I have a network with Cisco voice and data along with their respective vlans, however I need to create some additional vlans and be able to allow access on ports only to specified MAC addresses so that under no circumstances can anyone connect a device and have access to the network. Can someone please offer suggestions and maybe shed some light on what that config would look like.
0
ryanva
Asked:
ryanva
1 Solution
 
andrew1812Commented:
0
 
mat1458Commented:
Any IOS switch can do that: 2960, 3560, 3750, 4500, 6500. Also the older ones like 2950, 3550, 4000, 6000 do that. And some of the SMB switches support it as well.

Do yu already have any type of switches?
0
 
ryanvaAuthor Commented:
I have a Cisco 2960-24PC-L for the voice vlan and two Linksys SGE2000P switches for the data vlan
0
 
TimotiStDatacenter TechnicianCommented:
Config looks like:

 switchport port-security
 switchport port-security violation restrict

with the addition of a "switchport port-security mac-address sticky" statement.

Please be aware that MAC addresses can be cloned, so 802.1x is a better security tool.

Tamas
0

Featured Post

The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now