Great stuff! Thank! To me is great that you are also using SMB swiches - cheap alternative to 'real' cisco 👍. Not as professional but there are administrators that must work in small business/cost efective enviroment 😔 Keep on good work!!!
@@ZippyDooDa435 I think that's because he stays within his LAN, so there's no one who could capture the traffic. But I agree, just to play it safe, he should use SSH.
Simple port security / Mac persistence is a cheap way of stopping the regular Joe plugging his personal laptop into the company network that does not have any sort of corporate security posture. Obviously a sophisticated attacker will be able to bypass this - however it's a good quick win where you don't have a full fledged PKI or identity solution
Thank you, Jeremy!!!!
Always good as gold. Great work Jeremy.
Thanks Jeremy. Its to nice validate things you know. I’ll be making a video about port security also. 😂
Jeremy, are you planning to do a ISE implementation or series in the channel? on the near future maybe? .
Legend
Great very helpful----Thank you
Great stuff! Thank! To me is great that you are also using SMB swiches - cheap alternative to 'real' cisco 👍. Not as professional but there are administrators that must work in small business/cost efective enviroment 😔 Keep on good work!!!
Why do you call it Thunderbird?
It’s a Mac. What should it be? It’s not a new model that uses usb-c.
I am only allowing authentication via 802.1x for connections to my switches
Remember, use SSH as opposed to Telnet.
Yeah dude I keep seeing him use telnet and I’m like wtf?
@@ZippyDooDa435 I think that's because he stays within his LAN, so there's no one who could capture the traffic. But I agree, just to play it safe, he should use SSH.
First
Oh yes, changing the MAC address in any computer is soooo hard...
If you want real security in your ports you need authentication/certificates.
Simple port security / Mac persistence is a cheap way of stopping the regular Joe plugging his personal laptop into the company network that does not have any sort of corporate security posture. Obviously a sophisticated attacker will be able to bypass this - however it's a good quick win where you don't have a full fledged PKI or identity solution