Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1645
Views
0
Helpful
1
Replies

Can mac spoofing override port-security?

capgemini-network
Level 1
Level 1

‎11-14-2018 10:44 PM - edited ‎02-20-2020 09:06 PM

Hello,

I have 100 buildings, with different /24 subnets, i.e. example - 10.74.1.0/24 - 10.74.100.0/24 and all under same VRF. But its a critical service such as home CCTV, therefore I don't want one apartment to see other and talk to any other. I have port security in access switches but mac spoofing can override the port-security and cause threat.

 

Please suggest solutions to make every apartment secure.

 

Regards,

August

Labels:
0 Helpful
1 Reply 1

nspasov
Cisco Employee
Cisco Employee

‎11-16-2018 09:20 PM

Hi there. There are a several ways you can secure and segment a campus network. Here are a few that come to mind:

- Utilize private VLANs (PVLANs):

- Deploy a NAC solution such as Cisco's Identity Services Engine and utilize 802.1 and  Anomalous Behaviour Detection

- VRF Lite

 

I hope this helps!

 

Thank you for rating helpful posts!

Thank you for rating helpful posts!
0 Helpful
Customers Also Viewed These Support Documents