Hi,
I suggest you check page 11 of the
wired enforcement guide as it explains the various enforcement options to secure your wired infrastructure. These options are not specific to ClearPass although ClearPass can simplify the deployment. Usually we recommend to go for 802.1x where ever possible and enable less secure options as needed.
Yes, usually you can configure the switch to limit the number of mac addresses per port, but do you really want to do this? Will it be an appropriate and scalable solution from operations point of view?
------------------------------
Ayman Mukaddam
------------------------------
Original Message:
Sent: May 28, 2021 03:54 PM
From: Damir Imamovic
Subject: deny to dumb switches
Hi,
what is best way to deny any of dumb switches like TP-Link being attached to port on A, E or CX series switches without locking port to one specific mac?
Is there a way to limit number of MAC addresses active on port ?
Thank you.
------------------------------
damima
------------------------------