Pretty much any frame can be used to learn the MAC address except for CDP, LLDP, STP, and DTP traffic. When you enable MAB on a switchport, the switch drops all drops all frames except for the first frame to learn the MAC address. If you can’t use 802.1X but still want to secure your switch ports somehow, you can use MAC Authentication Bypass (MAB). This is no problem with most modern devices but what if you have a network printer or camera that doesn’t support 802.1X? 802.1x is a great way to protect your network by authenticating everything you connect to your switch ports, However, one disadvantage of 802.1X is that your end devices have to support it.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |