Sites with Unmanaged Switches
2017-12-01T15:06:10-04:00

Admin, I would like to know how GNAC addresses sites where there are no managed switches, i.e. switches that cannot be configured with SNMP. So, I have a client with sites whereby only 1 switch is managed; 4 others are not managed, they are hubs or dummy switches. Corporate endpoints are connected to both managed and unmanaged switches. My questions:

 

1- How does IPAM work in this scenario?

2- Can I still block unassigned IP addresses with IPAM at this site?

3- If I have a policy to block rogue endpoints, how do I achieve this despite the fact that both corporate and rogue endpoints are all connected to these unmanaged switches?


1- How does IPAM work in this scenario?

IPAM works with both managed and unmanaged switches, as the Network Sensors listen to all traffic and can block the endpoint device's IP/MAC without the need to use SNMP to manage the switches. We can block endpoints with Layer 2 ARP Spoofing and Layer 3 TCP Resets.

 

2- Can I still block unassigned IP addresses with IPAM at this site?

Yes, you can block unassigned IP Addresses with IPAM by going to Management > IP Address > (Click On Network Sensor) > (Select IPs to block) > Tasks > Deny IP

 

3- If I have the policy to block rogue endpoints, how do I achieve this despite the fact that both corporate and rogue endpoints are all connected to these unmanaged switches?

You can create a Corporate Group, identify the endpoints belonging to this group, and allow them onto the network. Then apply your Rogue Endpoint Policy to block all other unauthorized endpoints. We can block endpoints with Layer 2 ARP Spoofing and Layer 3 TCP Resets; this can be done in both managed and unmanaged switched environments.
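
The decision side of the answer above, as an added example that is not part of the original reply and is not the product's own code: a sensor that only listens to ARP on the segment already has the IP/MAC pairs it needs to tell corporate, rogue and unassigned-IP endpoints apart, with no SNMP access to the switches. The assignment table, corporate MAC group, verdict names and sample payloads are all constructed assumptions.

```python
import socket
import struct

# Constructed policy data (assumptions for this example, not product values).
ASSIGNED = {"10.0.0.10": "aa:bb:cc:00:00:10", "10.0.0.11": "aa:bb:cc:00:00:11"}
CORPORATE_MACS = set(ASSIGNED.values()) | {"aa:bb:cc:00:00:12"}

def make_arp(mac, ip, op=1):
    """Build a constructed 28-byte Ethernet/IPv4 ARP payload (sample input)."""
    sha = bytes.fromhex(mac.replace(":", ""))
    head = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
    return head + sha + socket.inet_aton(ip) + b"\x00" * 6 + socket.inet_aton("10.0.0.1")

def parse_arp(payload):
    """Return (sender_mac, sender_ip) from an ARP payload, or None if malformed."""
    if len(payload) < 28:
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", payload[:8])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4) or op not in (1, 2):
        return None
    mac = ":".join(f"{b:02x}" for b in payload[8:14])
    return mac, socket.inet_ntoa(payload[14:18])

def classify(mac, ip):
    """Map one observed IP/MAC pair to a policy verdict (hypothetical names)."""
    if mac not in CORPORATE_MACS:
        return "deny-rogue"           # not in the corporate group
    if ip == "0.0.0.0":
        return "ignore"               # ARP probe: sender has no address yet
    if ip not in ASSIGNED:
        return "deny-unassigned-ip"   # corporate device on an unassigned IP
    if ASSIGNED[ip] != mac:
        return "deny-ip-conflict"     # assigned IP claimed by another MAC
    return "allow"

def audit(payloads):
    """Classify every well-formed ARP payload the sensor saw on the segment."""
    verdicts = {}
    for payload in payloads:
        parsed = parse_arp(payload)
        if parsed:
            verdicts[parsed] = classify(*parsed)
    return verdicts

SAMPLES = [  # constructed traffic, as seen behind an unmanaged switch
    make_arp("aa:bb:cc:00:00:10", "10.0.0.10"),
    make_arp("aa:bb:cc:00:00:12", "10.0.0.50"),
    make_arp("aa:bb:cc:00:00:11", "10.0.0.10", op=2),
    make_arp("de:ad:be:ef:00:01", "10.0.0.11"),
    b"\x00\x01\x08\x00",  # truncated payload, skipped
]
```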