12-14-2007 02:17 PM - edited 03-05-2019 08:01 PM
Quick question here currently I have a network of 4 segments(production, test, HR and QA)we are all physically located on one floor and basically it is a open bay area and the way we segment the different users is by using 802.1x. The question is is there any otherway to segment these subnets without using 802.1x? We have Vlans but they only are only good if you have physical separation people like to unplug there laptops and walk over to a cubical that has more authority and plug it. If 802.1x is the best way to go then I guess I will stick with it. Thank you in advance
12-15-2007 12:44 PM
Hi
Not sure what you mean by walking over to a cubical with more authority. if you are using 802.1x then based on the username that is supplied when the user logs in you can dynamically assign the switch port to a vlan. So wherever the user connects they will always end up in the same vlan.
Would this not work for you ?
Jon
12-17-2007 08:09 AM
Hi Jon;
What I mean by walking over to a cubical is that we are all on one floor and there is no physical separation between the different departments. So someone from the developement department can walk through the door to my cube and take my network connection off and plug his laptop in and get more authority than he has. We currently use 802.1x to prevent this from happening as you are correct about it is base on username. I was just wondering if there was anything else besides 802.1x I can use to accomplish this or is 802.1x the best solution?
12-17-2007 08:12 AM
802.1x is definitely the best solution for security to the access layer.
12-17-2007 08:17 AM
ok thanks Edison for the info!!!!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: