topic Re: Port Security with ARP table in Network Security

Port Security with ARP table

woxagheto29 — Tue, 23 Jul 2024 05:43:01 GMT

Hello Guys,

I have a question and been unable to find the answer. Right now, we use Port security and stick the MACs to the ports. However, My organization is moving to the hoteling system where people would be moving around. Is there anyway I can have port security to point toward ARP table to see whether the MAC address is registered or not. Any advice is much appreciated.

Thank You

Re: Port Security with ARP table

Mark Elsen — Tue, 23 Jul 2024 06:42:30 GMT

- Can't see how this could be done ; better is move forward to identity based authentication schemes ,

Re: Port Security with ARP table

Rob Ingram — Tue, 23 Jul 2024 14:04:56 GMT

@woxagheto29 a NAC solution such as Cisco ISE would be the most suitable solution, where you can or the users register the device centrally in ISE and be authorised to access the network. The device MAC address could be used for authentication or you could pre-deploy certificates via AD GPO or allow the users to register for a certificate, which would be more secure than authentication based on the MAC, which can easily be spoofed.