Technologies: Enterprise Security

Port security

Network ports are all around us. Most are in physically secured environments, but many are not. Using 802.1x port-based network access control, MAC based authentication or a mix of the two, the network administrator can lock down access on a port-by-port basis to authorized users or devices. A guest VLAN can be configured to provide restricted access, perhaps to the Internet via a DMZ, or a remediation server.

Rogue DHCP server detection

DHCP provides an essential function in every network, issuing IP addresses to devices, facilitating communication between them. The introduction of a rogue DHCP server into any network can wreak havoc, with devices receiving incorrect addresses for the networks they’re connected to. Meraki provides administrative insight into which devices are issuing IP addresses, with the option to allow only approved servers to do so.

Port isolation

There are times when it may be desirable to isolate groups of ports to prevent communication between separate entities. A hotel may wish to isolate guest room ports from one another, while still allowing communication out to the internet, or to a login portal. A co-working space may wish to provide secure communication between all members of an office unit, without sharing the same resources with the unit next door. With Meraki switches, ports can easily be grouped and isolated by the network administrator, without the overhead associated with managing large numbers of VLANs.