cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
821
Views
4
Helpful
6
Replies

security for the l2 ports of 4506 catalyst

blrnetwork
Level 1
Level 1

Hi

I have users of around 4000 in a building . They were configured for their project subnet and we have a guest network for the external users who come to visit their project people..We have to put them in a guest subnet where his access is restricted...But Many of my users would come calling up their guests and make them to sit along with them and our employee would give up his port to the guest where he would also be a project network and the guest would have all the possibilities to see our employees project details coupled with our company resources...

I want to have a remedy for this..

I tried configuring the Mac-based port restrictions . But we have lot of pc's moving internally , so our intervention in configuring the ports also increases day by day....

What i would like to have is ...

I must have all the mac-addresses of our company network .....When a mac-address apart from this is received it should block that ....so that the guest laptop plugged int to the employees port must get blocked and whereas any of the prescribed lap tops mac-address must not get blocked in taht port...

Is there any for this....?

pls reply

Reagrds.....

Gokulakrishnan.

6 Replies 6

pcomeaux
Cisco Employee
Cisco Employee

Hi -

Have you considered the NAC Appliance as a solution for this scenario?

thxs

peter

No can i know whats the thing to do with the Nac appliance ..Is it like acs or some other thing...I fso can you pls redirect me or say where could i find the documents..pls...

Regards...

Gokulakrishnan.

Hi Gokulakrishnan -

There's a wealth of information available in the Chalk Talk series to help you understand the NAC Appliance - much more than I could possibly describe here.

Please look for that content here:

http://www.cisco.com/go/nac

thxs

peter

Hai peter

I think cAS is a nac appliance . But whether it's a software installed on a server or it's hardware like Firewall.

Is there any trial version to download ?

Regards...

Gokulakrishnan.

Hi Gokulakrishnan -

Yes - the NAC Appliance is a hw/sw solution for you.

There are a few components

- the NAC Manager - this is where the policy is defined (also called CAM)

- the NAC Server - this enforces the policy and is placed nearest the user (also called CAS)

- the NAC Agent - this installs on the computers to provide posture information

Eval Units are available through your account team.

Please let me know if you have additional questions.

thxs

peter

Hai So i think we have to get a new device from cisco ? . If so can i know what's the price of it.

Regards....

Gokulakrishnan.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: