Managed Gigabit Switch with MAC address filtering

Hi all,

I need a 24 port managed Gigabit switch that can let people connect to the network based on their network card's MAC address. If the MAC address is known then it lets them connect, if the MAC address is not known then the switch would reject all traffic from the computer. Basically the switch needs to have a MAC based ACL. It also has to be under $800. All ports have to be gigabit, not just a couple.

I need this because the location where this switch is to be installed is not really secure. And the patch panel is used by two tenents, which means that one tenent could sneakily connect a patch wire from the patch panel to the switch and steal internet, try hacking the server, or simply infect workstations.

So if you know of any gigabit switches that do this, please post them.

Thanks, Nite Rider

Reply to
Nite Rider
Loading thread data ...

Are you aware that it is trivial to set the MAC address used by an end stations to any arbitrary value? If a potential attacker knows which MAC address is configured on a certain port, they can disconnect the port, connect their own machine, set the correct MAC address, and use your service without a chance for the MAC acl to recognize the situation.

Also, with a switch in an unsecure area, nothing stops a dedicated attacker from inserting his own switch (at lower bandwidth usage, maybe even a dumb hub), into the uplink of your switch, circumventing all measures configured on your switch.

best regards Patrick

Reply to
Patrick Schaaf Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.