this post was submitted on 24 Nov 2024
1505 points (92.5% liked)

Technology

59731 readers
3091 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] mangaskahn@lemmy.world 2 points 1 week ago (1 children)

MAC is useless as a component of the security check. It's trivial to change; either with a dongle, as you said, or in the network configuration of every major and minor OS.

[–] Mr_Dr_Oink@lemmy.world 2 points 1 week ago

But if i am authenticating a unique third party laptop i could use the mac address and apply a profile in clearpass to authenticate it and apply an ACL to lock the device down as a separate measure to creating a separate vlan for the device.

I wouldn't have called it useless in that regard. But im fairly new to network administration, so perhaps i am not well versed enough to know better.

Our clearpass servers struggle sometimes, and i experience timeouts or rejections when a laptop moves from one usb c docking station to another if they fail dot1x and revert to mab.

Also all of this aside, the fact that all the ports got removed from a laptop and now you have to plig in a £60-100 dock to get all those ports back is an absolute con.