• United States
Senior Editor

Controlling LAN security

Mar 19, 20032 mins

* How users are deploying LAN technology to secure their LAN environments

Most enterprise LAN switch vendors such as Alcatel, Allied Telesyn, Avaya, 3Com, Cisco, Dell, Enterasys, Extreme, Foundry, HP and Nortel include intelligent features such as Layer 3 and 4 access control lists, 802.1x LAN authentication and virtual LAN tagging for segmenting traffic in their products.

This week our Special Focus takes a look at how users are (or in some cases are not) taking advantage of the security features inherent to their LAN switching gear.

For example:

* At Baylor University, a combination of hardware and software was put into action to help the school’s small IT department get a better handle on LAN mischief going on among nosey students with networked PCs. The IT staff found that a few students were making repeated attempts to hack school database servers. Others were downloading excessive amounts of multimedia files, which clogged the LAN pipes and made network access slow. To remedy this, the school employed Layer 3 and 4 look-up services on its Enterasys LAN switches, and created security policies that limit bandwidth and network access to certain mischievous students. The system is called “the penalty box,” says Bob Hartland, director of IT, networks and servers at Baylor.

* At St. Louis-based Webster University, ACLs are also used to limit student activities by blocking certain address groups from accessing servers and other resources that are restricted from student access. Cisco Catalyst 3550 and 2950 switches with support for Layer 3 ACLs, filtering and 802.1x authentication where deployed last year on campus for securing the LAN. The intelligent LAN switches have helped the school give its networked students have access to more services around campus while keeping important resources – such as servers for the Bursars of financial aid offices – accessible only to authorized personnel, according to Benjamin Hockenhull, network coordinator at Webster.

These are only a couple of examples of how users are deploying intelligent LAN technology to better control their LAN environments.  For more, see: