HPE Community
Switches, Hubs, and Modems
1753850 Members
7148 Online
108807 Solutions
New Discussion

Re: 5300 security

 
SOLVED
Go to solution
Greg Askew
New Member

‎12-27-2006 08:37 AM

‎12-27-2006 08:37 AM

5300 security

Currently we have 802.1x for our wireless. We need to have security for our wired ports. We are a school district with 24k students and two network folks.
what would be the best security to invoke on the 5300's? By best I mean one that would cause the least distruption to the end users and (hopefully) less calls to the help desk.
802.1x has the most hope but is an issue with the supplicant and configuration (not enough manpower).
We were looking at port security also. If I read the manual correctly, my options on the port will be to either be notified (not timely enough) or have the port disabled (many disgruntled users). I was hoping to block unwanted traffic while permitting authorized users to continue to work...
Thanks
0 Kudos
1 REPLY 1
Sergej Gurenko
Trusted Contributor

‎12-28-2006 07:37 PM

‎12-28-2006 07:37 PM

Solution

Re: 5300 security

For the (most probably unmanaged) 24k users network I would recommend not 802.1X solution. The real pain is administering 802.1X on the unmanaged computers.

Try to look toward in-line NAC solutions optimized for unmanaged environments (like agent-less assessment and optional agent deployment). There are a lot on the market now.

There is also _VERY GOOD_ freeware solution http://www.packetfence.org/ Last one is constantly developing by a several big universities for internal use and also posted to the public domain.
PacketFence is really _BEST_ (easy install, easy GUI, nice reports, etc.)
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.