Port Security

Dpj
Dpj Posts: 80  Ally Member
First Comment Second Anniversary
in Security

Hello,

An other thing what i am missing. (or i cannot find it)

Port security. We want to secure all networks of our customers for unknown devices. the first option i was thinking about is mac vlan. So i can put known devices in a seperated vlan automatically. But i cannot find it, so next thing was port security. (learning maximum ammount of mac addresses.) but i cannot find it eather.

What are other approaches to secure our networks?

(of course we can disable ports, but we must do that manually.) And in my oppinion MAC based vlan would be perfect.

and when i see vendorID vlans do exist, MAC based vlan is not much different. It should not be to difficult to implement it in Nebula.

yours dennis

Accepted Solution

All Replies

  • PeterUK
    PeterUK Posts: 3,645  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary

    Really when you look at it if something bad is on your LAN that you allowed to be connected then knowing what to trust and not becomes hard there is no automatically way to know what to trust and what not.

    A switch can do learning maximum amount of mac addresses per port and you can ACL MAC list

    Screenshot 2024-10-12 204143.png

    It be best to have the end device you trust with a VLAN tag and unknown devices untag of course if a unknown device works out the tag and MAC in place of a trusted device then that can happen

  • Dpj
    Dpj Posts: 80  Ally Member
    First Comment Second Anniversary

    Ah i see my question is not complete. I mean i miss those settings in Nebula. The image you show seems to be on premise…

  • PeterUK
    PeterUK Posts: 3,645  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary

    Yes I don't know why they did Nebula without all the options like it be easier to have the firewall/switch connect to Nebula as a relay for all the settings

  • Zyxel_Melen
    Zyxel_Melen Posts: 2,993  Zyxel Employee
    Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Administrator - Switch Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate
    edited October 2024 Answer ✓

    Hi @Dpj,

    You may try port authentication with MAC authentication. Please reference this FAQ first:

    How to configure MAC Authentication via Nebula Cloud Authentication Server (NCAS) on Nebula switch — Zyxel Community

    By the way, may I know which switch model you are using?

    Zyxel Melen


Categories

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)