
Application or Software to detect or Block unmanaged switches

As already said - this can be covered with adequate processes and
management (even so far as, not doing your job right? time
for HR...). However, there are many ways to ensure that random ports aren't
doing anything other than what they should be doing - most of these
are L2 security features - port-security, BPDU Guard, default VLAN pruning,
along with other protections such as DHCP snooping etc.

However, if it's the network team doing this - then they could just turn
those things off anyway - so you need to also ensure all
managed switch configs have their configs audited and checked - grabbed by
SNMP and checked/audited against known template etc etc.
If a switch cannot be audited then disconnect its uplink..... but then your
end users/customers no longer have connections - which is why it's
really down to management processes. WHY are they doing this? There could
be other reasons why due process isn't being followed
other than e.g. incompetence, malice, laziness etc.
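
The config audit described in the message above, sketched as an added example that is not part of the original post: it checks an already-retrieved, IOS-style switch config for the L2 protections the message names. The baseline template, function names and sample config are assumptions constructed for illustration.

```python
# Baseline every active access port must carry (assumed template, not from the post).
REQUIRED_ON_ACCESS_PORT = ("switchport port-security", "spanning-tree bpduguard enable")
REQUIRED_GLOBAL = ("ip dhcp snooping",)

def parse_config(text):
    """Split an IOS-style config into global lines and per-interface sub-commands."""
    global_lines, interfaces, current = [], {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.strip() == "!":
            current = None          # "!" or a blank line ends the current block
        elif raw.startswith("interface "):
            current = raw.split(None, 1)[1]
            interfaces[current] = []
        elif raw[0].isspace() and current is not None:
            interfaces[current].append(raw.strip())
        else:
            current = None
            global_lines.append(raw.strip())
    return global_lines, interfaces

def audit(text):
    """Return sorted (scope, missing_line) findings against the baseline."""
    global_lines, interfaces = parse_config(text)
    # Exact match: "ip dhcp snooping vlan 10" alone does not enable snooping globally.
    findings = [("global", r) for r in REQUIRED_GLOBAL if r not in global_lines]
    for name, cmds in interfaces.items():
        # Trunks/uplinks and administratively shut ports are out of scope.
        if "switchport mode access" not in cmds or "shutdown" in cmds:
            continue
        findings += [(name, r) for r in REQUIRED_ON_ACCESS_PORT if r not in cmds]
    return sorted(findings)

# Constructed sample config (not from a real device).
SAMPLE = """\
ip dhcp snooping vlan 10
!
interface GigabitEthernet0/1
 switchport mode access
 switchport port-security
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/2
 switchport mode access
!
interface GigabitEthernet0/24
 switchport mode trunk
"""

if __name__ == "__main__":
    for scope, missing in audit(SAMPLE):
        print(f"{scope}: missing '{missing}'")
```

Run on a schedule against every managed switch, a non-empty result (or a switch whose config cannot be retrieved at all) is the signal to escalate through the management process the message refers to.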