Unanswered Question
Dec 14th, 2007
User Badges:

Quick question here currently I have a network of 4 segments(production, test, HR and QA)we are all physically located on one floor and basically it is a open bay area and the way we segment the different users is by using 802.1x. The question is is there any otherway to segment these subnets without using 802.1x? We have Vlans but they only are only good if you have physical separation people like to unplug there laptops and walk over to a cubical that has more authority and plug it. If 802.1x is the best way to go then I guess I will stick with it. Thank you in advance

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Jon Marshall Sat, 12/15/2007 - 12:44
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN


Not sure what you mean by walking over to a cubical with more authority. if you are using 802.1x then based on the username that is supplied when the user logs in you can dynamically assign the switch port to a vlan. So wherever the user connects they will always end up in the same vlan.

Would this not work for you ?


wgranada1 Mon, 12/17/2007 - 08:09
User Badges:

Hi Jon;

What I mean by walking over to a cubical is that we are all on one floor and there is no physical separation between the different departments. So someone from the developement department can walk through the door to my cube and take my network connection off and plug his laptop in and get more authority than he has. We currently use 802.1x to prevent this from happening as you are correct about it is base on username. I was just wondering if there was anything else besides 802.1x I can use to accomplish this or is 802.1x the best solution?

Edison Ortiz Mon, 12/17/2007 - 08:12
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

802.1x is definitely the best solution for security to the access layer.


This Discussion