linkeast
asked on
managing a small network
Hello - i work for an IT support company and our client base is mainly up of companies with 5 - 50 computers. i am looking for the easiest way to ensure we are aware of EVERY device that comes on to the network. ideally it would be via switch where we would have to white list all mac allowed addresses... if new device is then presented to the network it would mean we would to whitelist it (which would mean we could ensure it was patched / had correct AV etc etc...
what is the "simplest" and affordable switch to achieve this... i would also need the ability to have multiple switches linked together and still have these capability..
thanks!
what is the "simplest" and affordable switch to achieve this... i would also need the ability to have multiple switches linked together and still have these capability..
thanks!
Cyberoam product does what you want but it requires investment. As suggested by Eoin that is the easiest way without spending any penny or even you can try for linux based SQUID proxy server, so no internet traffic will work until you allow or provide the proxy with ldap sync and credential.
If you have security as a big concern then to restrict each and every traffic, go for ASA55xx model to inspect the traffic. Nowadays lot of attacks happened even from backdoor. It is to keep everything healthy.
If you have security as a big concern then to restrict each and every traffic, go for ASA55xx model to inspect the traffic. Nowadays lot of attacks happened even from backdoor. It is to keep everything healthy.
ASKER
Hi... I am willing to invest in a product that I can use over and over for each site. It's not so much internet control - I can take care of that. It's more a solution to control what get son the network in the first place. Not having dhcp is not practical - users could just set a static one ...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
This is typical use case for endpoint management solutions. Because your environment it small, you may be able to find ad-hoc solutions. As you from, you may want to formalize your endpoint solution to maintain, monitor, remediate and patch all devices on your network.
Or only set enough of a range on the DHCP to cover machines you have, anything new will require you up the range by 1, meaning they'll still have to come to you for the ability to get on the network.
Not very elegant, but might be one approach.