We have a star topology using eigrp and vrf's. We recently added a new site to our network. However what makes this site different from the rest of our sites is that its making use of another companies facilities and comcast connection The spare comcast connection terminate at all their buildings as well as our building. Its only a handful of users. The few users will use this comcast connection to access resources on our network off the 6509. please see diagram. They have connectivity but as of now no security on this connection. If someone from that company would plug computers in on that connection at any building where it terminates and use the same line those users are using they would gain access to our resources and network. What would you recommend for us to do to secure the connection and users. any suggestions would be great.
users ==> our switch ===> other company panel ===> comcast 311 box ===> cloud ====> comcast 311 box === 6509 === network resources
we do have a asa 5520 that protect our network and have rules in place for the other company. they have access to certain resources.
The few users is the only folks that will have access to our switch that is connection to the comcast connection. Im not concern about the switch I am concern about the connection on the comcast box. Say connection 1 that terminate in the building where the users are also terminate in several other buildings which my building is one of them. If anyone from the other company plugs something into the comcast connection 1 they will gain access to our resources. How will NAC work on the comcast box?