Case Study 2 - Restricting Network Access To Known Computers

This case study describes the tasks that need to be performed in order to restrict network access to known computers, using authentication. It is an example of

device needs to be listed in the RADIUS server before it is allowed access to the network. This mode relies solely on authenticating the MAC address of each attached device.

and servers) can still connect to the network, while the network blocks rogue devices, such as unknown wireless access devices. This mode does not require user authentication and hence does not provide any network protection against unauthorized user login.

Network Administrator Tasks

The following provides an overview of the tasks for a network administrator responsible for the domain on the network.
1 Ensure edge port security is set to
Edge ports are called ‘access ports’ on the Switch 5500.
Using 3Com Network Access Manager:
2 Select the Default Rule and set the Network Access to Deny; see “Changing Rule Properties” in Chapter 3.
3 Create an Authorized Computers rule which will allow network access; see “Creating A New Rule” in Chapter 3.
a Set security permissions for the rule. Grant READ and WRITE access to the users/groups permitted to apply the rule, and grant READ access to all Network Administrators in the domain so that they can see that the rule exists even if they are not permitted to apply it.
b Set the Actions for the rule: select the rule priority and set Network Access to Allow. If appropriate, select the VLAN, QoS profile and EFW policy for the rule.
4 Enter the MAC addresses for all devices in the domain. For information on entering MAC addresses, see “Entering MAC Addresses For A Computer”.
5 Create a new group which will hold the computers that are allowed access; see “Creating A New Group” in Chapter 3.
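
A minimal model of the policy these steps build, added here as an illustration and not 3Com Network Access Manager code: a Default Rule that denies, plus an Authorized Computers rule applied to a group of known MAC addresses. The class and function names, the group name, the VLAN number, the lower-number-wins priority order, the rule-to-group association and the sample MAC addresses are all assumptions.

```python
import re
from dataclasses import dataclass
from typing import Optional

def normalize_mac(raw):
    """Return a MAC as 12 lowercase hex digits, or None if malformed."""
    digits = re.sub(r"[-:.\s]", "", raw).lower()
    return digits if re.fullmatch(r"[0-9a-f]{12}", digits) else None

@dataclass(frozen=True)
class Rule:
    name: str
    priority: int               # assumption: lower number wins
    allow: bool
    vlan: Optional[int] = None

# Step 2: the Default Rule denies and applies when nothing else matches.
DEFAULT_RULE = Rule("Default Rule", priority=10**6, allow=False)

class AccessModel:
    def __init__(self):
        self.group_rules = {}   # group name -> list of Rule
        self.mac_groups = {}    # normalized MAC -> set of group names

    def apply_rule(self, group, rule):
        self.group_rules.setdefault(group, []).append(rule)

    def add_computer(self, group, mac):
        key = normalize_mac(mac)
        if key is None:
            raise ValueError(f"malformed MAC address: {mac!r}")
        self.mac_groups.setdefault(key, set()).add(group)

    def decide(self, presented_mac):
        """Return the rule governing a device that presents this MAC."""
        key = normalize_mac(presented_mac)
        rules = [r for g in self.mac_groups.get(key, ())
                 for r in self.group_rules.get(g, ())]
        return min(rules, key=lambda r: r.priority, default=DEFAULT_RULE)

# Constructed sample data: group name, VLAN and MAC address are made up.
model = AccessModel()
model.apply_rule("Known Computers", Rule("Authorized Computers", 1, True, vlan=20))
model.add_computer("Known Computers", "00-1A-2B-3C-4D-5E")

def check(mac):
    rule = model.decide(mac)
    return (rule.name, rule.allow, rule.vlan)
```

The decision depends only on the presented MAC address, which matches the text's note that this mode authenticates devices and not users.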