dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
10
HELLFIRE
MVM
join:2009-11-25

HELLFIRE to Uncle Paul

MVM

to Uncle Paul

Re: Switch Connection Limits/Throttling

A Catalyst switch on its own has configurable levels for broadcast control and storm control, but it doesn't have much
intelligence beyond x number of frames per second tracking.

You'd have to look up the NAC / Clean Access product page here for more info. As I've never worked on or deployed a
NAC solution before, I can't offer much more Uncle Paul. I also suspect some combination of internal IDS / IPS may
have been part of the solution as well where you last worked.

Just my 00000010bits.

Regards

tubbynet
reminds me of the danse russe
MVM
join:2008-01-16
Gilbert, AZ

tubbynet

MVM

said by HELLFIRE:

You'd have to look up the NAC / Clean Access product page here for more info.

ise is the way to go.
its a central policy server that is tied into the switch, rather than with the bulky cam/cas architecture that can create some route/switch trickery requirements. also -- you'll need to work with a cisco advanced technology partner for ise (or at least you used to) as the part numbers are restricted for ordering. however -- its much nicer to work with from a central policy management perspective (and very straightforward from a user-policy perspective).

q.