Port security isn't just available on cisco...it's available on many 'managed' switches...
You need be careful when picking a switch and look at all the different features. For example on 3COM SuperStack switches you can set security mode on or off for each port (it also learns the MAC of the first frame), but doesn't offer a monitoring port (mirrors all traffic to the port for administrative parsing) it only allows one port to be mirrored at a time. It's a good security move to disable the ports not in use (another feature many managed switches have) and enable security on the ones that are in use. -tim -----Original Message----- From: leon [mailto:[EMAIL PROTECTED]] Sent: Friday, May 17, 2002 8:30 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Restricting DHCP addresses to known MAC's via Win2K DHCP server This can be done with cisco switches and port security. IN FACT you don't even have to hard code the mac address you can actually tell the switch to set the port for the mac addy of the first frame it recieves. HTH, Leon -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, May 15, 2002 10:04 AM To: [EMAIL PROTECTED] Subject: Restricting DHCP addresses to known MAC's via Win2K DHCP server There's been periodic discussion on this list about restricting DHCP leases by MAC address and the relative merits of doing so. My question is once the decision is made to do it, how is it being done? Does anyone know how to do it in a Win2K server environment? (Win2K DHCP services...) If not possible, is there a typical strategy people are using to restrict granting of DHCP addresses to known MAC's?
