Slashdot Mirror


How Do You Handle Ethernet Port Management?

MTL-Stalker asks: "I am currently investigating the best way to handle Ethernet port management for an organization with over 75,000 Ethernet ports spread out over 700+ sites. I was wondering how members of the Slashdot community are handling this issue in their organizations? Obviously this is as much a business process issue as a technological solution. In today's threat-filled networks, it seems like asking for trouble to rely on a simple switch based 'port enabled/port disabled' methodology. Do you think Cisco-style port security (tying a MAC address to a particular port) or PACLs (port access control lists) are worth the effort? Are products like Cisco Campus Manager or HP OpenView worth the cost and deployment headaches? Do they address your security concerns? How many of you are using homegrown scripting and/or SNMP solutions? How many ports can you effectively manage with these solutions? I would also be interested in knowing what industries these solutions are being implemented in."

6 of 133 comments (clear)

  1. Serious business by voice_of_all_reason · · Score: 3, Funny

    The internet: Homework Help for both teenagers and network administrations :)

  2. Re:Guest-Intruder VLAN by Anonymous Coward · · Score: 5, Funny
    I've always had good luck with not necessarily tying a MAC to a port, but rather a list of approved MACs.


    You guys always try to do things the hard way. For true ethernet port management just use this.
  3. Too easy... by __aaclcg7560 · · Score: 3, Funny

    One port at a time! The best part is that you don't need to be an MCSE tech to figure that one out.

  4. Why? by Dolda2000 · · Score: 3, Funny

    I'm not exactly in charge of any large area networks, so I'm probably just ignorant, but why would you want to limit physical Ethernet access to begin with? All your actual services are properly authenticated, aren't they? Is it for DoS prevention or proactive security or something completely else?

  5. simple by Keruo · · Score: 3, Funny

    Use epoxy. Just mix the two compound and fill in un-used ports.
    Great securitywise but kinda limits future expanding.

    --
    There are no atheists when recovering from tape backup.
  6. Re:Guest-Intruder VLAN by cybrix · · Score: 3, Funny

    Is that what they use for broadband over powerline?