Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1126
Views
0
Helpful
1
Replies

Bandwidth control per users

Go to solution
Miguel Alejandro Callejas Pastor
Level 1
Level 1

‎12-22-2016 01:01 PM

Hi, 

I just arrived to this company as a network administrator.

I have a scenario that moves too fast. We are 400 users and we are using 3 different gateways for 3 networks (WiFi, guests and Main).

For our main network we're using Microsoft TMG (way old). Because of the type of employees it is impossible to use an Active Directory and we basically manage users PER ip address. Everything works with DHCP but we actually type the MAC address to different IPs so we can prioritize traffic and make some rules based on users.

We can't put an Active Directory and therefore we can't use any solution that requires one. We have A LOT of operating systems and these change frequently. It is a hardware company and users reinstall their operating system at least twice a month (I've seen really weird Linux distributions so far).

So far, this TMG worked perfectly. We can group IPs (i.e. 10.100.0.1 to 10.100.0.50) and give them no limits in bandwidth. We can apply policies and restrict websites all by IPs. 

What solution from Cisco can I use to replace this TMG? Does Cisco Prime Infrastructure allows this traffic shapping per IP? 

We need to restrict bandwidth somehow. 

Regards!

Miguel

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Philip D'Ath
VIP Alumni
VIP Alumni

‎12-22-2016 01:17 PM

The easiest option in my book is a Cisco Meraki MX security appliance.  These let you attach security policies (it calls them Group Policies) to MAC addresses.

So you can create a group policy called "Appliance X", and attach it to the MAC addresses belonging to that class of device.  This group policy can include bandwidth controls, firewall rules, etc.

The MX100 would be a good fit.  Note that it has dual WAN circuits, so plugging in two WAN/Internet connections would be easy.  You may need an extra appliance if you really want to use three separate WAN connections.

https://meraki.cisco.com/products/appliances/mx100

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Philip D'Ath
VIP Alumni
VIP Alumni

‎12-22-2016 01:17 PM

The easiest option in my book is a Cisco Meraki MX security appliance.  These let you attach security policies (it calls them Group Policies) to MAC addresses.

So you can create a group policy called "Appliance X", and attach it to the MAC addresses belonging to that class of device.  This group policy can include bandwidth controls, firewall rules, etc.

The MX100 would be a good fit.  Note that it has dual WAN circuits, so plugging in two WAN/Internet connections would be easy.  You may need an extra appliance if you really want to use three separate WAN connections.

https://meraki.cisco.com/products/appliances/mx100

0 Helpful
Customers Also Viewed These Support Documents