MAC address authentication on HP and 3Com switches
We have 3x HP ProCurve switches and 1x HP branded 3Com ProCurve switch. We need to lock down the network so that only approved devices can connect. HP's and 3Com's support has given two options for this: RAIDUS or manual port configuration of each port
RADIUS apparently won't work since we have clients ranging from DOS or NT all the way up through Win 7... plus there are some thin clients spanning across two brands, about 5-6 models, with all sorts of OSes.
The manual configuration of each port for each MAC address is a bit time-instensive and cumbersome.
Does anyone know of a software tool to manage HP and 3Com switches that can do a general MAC address approval pool so it won't matter which ports the device plug into or move to as employees move from one office to another over time? We have several comliancy requirements so auditing would be a plus too. (SOX, PCI, SEC, and ITAR) The company is only about 100 employees across two locations so the budget for this won't be on... oh let's say... a hospital's. But, a few $1,000's may be a good fit here.
RADIUS apparently won't work since we have clients ranging from DOS or NT all the way up through Win 7... plus there are some thin clients spanning across two brands, about 5-6 models, with all sorts of OSes.
The manual configuration of each port for each MAC address is a bit time-instensive and cumbersome.
Does anyone know of a software tool to manage HP and 3Com switches that can do a general MAC address approval pool so it won't matter which ports the device plug into or move to as employees move from one office to another over time? We have several comliancy requirements so auditing would be a plus too. (SOX, PCI, SEC, and ITAR) The company is only about 100 employees across two locations so the budget for this won't be on... oh let's say... a hospital's. But, a few $1,000's may be a good fit here.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Atrevido: Are you saying that you can do MAC authentication with old PCs (before Win XP) with the builtin RADIUS server or that a 3rd party one like Steel Belted is required?
RKisnp: Thanks. We'll check it out.
RKisnp: Thanks. We'll check it out.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
We do the same thing on ours.