02-16-2005 10:22 AM - edited 03-02-2019 09:42 PM
We are looking at using VMPS for VLAN membership. Has anyone had any experience with this, and if so, was it good/bad/so-so? Am looking for suggestions.
Thanks in advance for helping the hopeless.
Dave
02-16-2005 03:32 PM
Cisco is moving away from URT. If you use it, be aware that it requires a great deal of administration and be sure to back up the URT database.
02-17-2005 06:16 AM
I am sorry, but can you tell me what URT means? I can't seem to find a reference to it.
Thanks, Dave
02-17-2005 06:26 AM
URT is the CiscoSecure User Registration Tool. Here is the index to the documentation:
http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/cw2000/fam_prod/user_reg/2_5/index.htm
Kevin Dorrell
Luxembourg
02-16-2005 11:39 PM
First, it depends: if users are quite movable and belong to different VLANs, then we should go with dynamic VLANs. As you can't change the VLAN no. on a port every time, the switch port will automatically get assigned to the corresponding VLAN depending on the MAC address.
Second big advantage is security: if a particular machine doesn't belong to your network, it can't access your network until you add its MAC address to the database of the VMPS server. So no unauthorised machine can get access to your network.
Third is ease of manageability: if some machine is generating a hell of a lot of traffic (infected with a virus), then you can simply remove that MAC ID from your database and that machine will not be able to access the network from ANYWHERE in your campus, instead of tracing the MAC address in your network and then blocking it. So chances are he can access from another location until you block it again. So by having a VMPS server it's just a single shot and the job is done.
02-17-2005 11:16 AM
Hi Dave,
VMPS works just fine. It is a great tool to keep a secured, controlled environment (a university campus may be an example).
Just keep in mind a few things:
You need a VMPS server - not every Cisco platform supports this functionality,
You need a VMPS database - we tried to keep it on PCMCIA with the Cisco box, but most typically it is stored externally.
So perhaps you should think a bit about the resilience issues.
Also it uses a Cisco proprietary protocol coded VQP (not very well documented), which to my knowledge is not encrypted, not authenticated and uses UDP (easy to spoof).
Good luck.
Best regards,
Antonin