Port security on Switch Cisco 2960

sopheak yem
Level 1

Dear all,

I have 10 Cisco switches installed for each floor and have enabled the port security service on all switches.

1. Can I prevent all PCs/laptops from outside from plugging into my switch in the office?

2. Can I allow only the company's PCs/laptops to plug into all the switches on each floor?

Thanks so much in advance.

best regards,

sopheak

5 Replies

Mark Malone
VIP Alumni

Hi

1. Yes, with MAC security.

2. Yes, you can have multiple MACs allowed per port.

If you're planning that, it's a lot of manual administration. ISE will allow you to centrally manage options like that.

Dear Mark,

Is ISE other hardware or an application? Do we have another, easier centralized option that is integrated in the Cisco switch?

Thanks.

It's an application like ACS which controls access to devices in enterprise networks. The way you're going, locking down every port to multiple MAC addresses takes a lot of administration: 10 switches at minimum is 240 ports that will need to be manually administered. ISE can automate a lot of it, but it depends on cost as well whether it's worth it.

http://www.cisco.com/c/dam/en/us/products/collateral/security/identity-services-engine/at_a_glance_c45-654884.pdf

Scott Olsen
Level 6

You should be able to come up with some form of port-based security that fits your needs. I'd recommend you review Cisco's Network Security Baseline document, in particular Chapter 4 for the port-security detail.

http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Security/Baseline_Security/securebasebook/sec_chap4.html

Cheers!

Scott Olsen Solutions Specialist Bulletproof Solutions Inc. Web: www.bulletproofsi.com

Thanks so much, Olsen.

I have read it already, and the difference between "aging" and "sticky" is not clear to me. Could you share more detail? One more thing: all port security on the switch seems to be manual. Do you have any advice for a better recommendation?

switchport port-security aging type inactivity
switchport port-security mac-address sticky