Virus Alerts on Cisco Switches
We have three layers in our network Core, Distribution and Access this is an Campas network wherein all the users are connected to access layer.I wanted to know that is there any command which will aleart me on my Switch either on Core or Access for Virus which is on the users PC by showing MAC address or IP of that infected PC.
IF YES Kindly Guide me.
Software/Hardware used:
Software/Hardware used:
ASKED:
May 4, 2009 11:58 AM
UPDATED:
May 4, 2009 1:08 PM
Answer Wiki:
You will need some type of intrusion detection/prevention system. <a href="http://www.snort.org/">SNORT</a> is one that can help identify rogue traffic based on signatures and rules. For this system to properly work though, it will need to be on a TAP or mirrored port to see all traffic on the network. This will be a challenge in a distributed network. You may need a sensor at each distribution facility to detect traffic that just stays local to that DF.
In the IT trenches? So am I - read my <a href="http://itknowledgeexchange.techtarget.com/it-trenches">IT-Trenches blog</a>
To see all answers submitted to the Answer Wiki: View Answer History.
You’ll also need a resource or two for managing and monitoring such a system. It’s a slippery slope so plan accordingly and built it right up front so it will work for your rather than against you.