Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
291
Views
0
Helpful
1
Replies

ISE vs a ethernet y cable splitter

mcmanus
Level 1
Level 1

‎09-23-2022 08:13 AM

In my corporate environment, IT won't give permission for a switch, they wants us to lay more cable, but it's too expensive.  Leadership doesn't understand and says just use WiFi.  ISE of course prevents using a switch without permission; ISE will detect it and quarantine it.  But would 2 computers hooked up to a y splitter cable get quarantined?  My understanding is that rogue switches get blocked because they are not configured correctly and are not secure.  BUt, a y cable has o such issues?

0 Helpful
1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

‎09-23-2022 09:35 AM - edited ‎09-23-2022 09:35 AM

A splitter cable will not allow 3 devices (2 computers and a switch port) to communicate at all, much less with ISE. Switched Ethernet just doesn't work that way.

When multiple devices are connected to a switch port (either with a downstream unauthorized hub or a phone with a PC connected, etc.) the switch configured with ISE as the RADIUS server for dot1x authorization control will detect the multiple MAC addresses and behave according to the configured policy (authenticate each separately, authenticate only one data and one voice domain device, block all bu the first connected address, etc.)

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card