cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
338
Views
0
Helpful
1
Replies

MAC Address Voilation

faamin011
Level 1
Level 1

my point is with port base security concern in which I have imposed mac base security on all access port, now if some one know the allowed mac he or she can static assign mac to laptop/PC and access to network.

This is security lack, please advice anything we can do this to mitigate               

1 Accepted Solution

Accepted Solutions

blau grana
Level 7
Level 7

Hello Fahad,

You are right, but with port security you have allowed mac-addresses on certain ports so you assume that user with that MAC will be connected to particular port. If someone steal MAC address to other user, attacker needs to also connect to correct port to have access to network.

If you are still concern about security, you can additionaly implement port based authentication ->

http://www.cisco.com/en/US/docs/ios/12_4t/12_4t11/ht_8021x.html

Best Regards

Please rate all helpful posts and close solved questions

Best Regards Please rate all helpful posts and close solved questions

View solution in original post

1 Reply 1

blau grana
Level 7
Level 7

Hello Fahad,

You are right, but with port security you have allowed mac-addresses on certain ports so you assume that user with that MAC will be connected to particular port. If someone steal MAC address to other user, attacker needs to also connect to correct port to have access to network.

If you are still concern about security, you can additionaly implement port based authentication ->

http://www.cisco.com/en/US/docs/ios/12_4t/12_4t11/ht_8021x.html

Best Regards

Please rate all helpful posts and close solved questions

Best Regards Please rate all helpful posts and close solved questions
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: