4 Replies Latest reply on Oct 7, 2016 5:50 PM by pony10

    Port Security settings

    pony10

      Can CatTools be used to provide a daily email of multiple switches only if they either have ports without port-security or don't have the proper number of MACs assigned? For example, on a Cisco switch we use port security; however, some ports may have had it turned off for some reason.

      Another possibility is a computer/user is moved from one office to another. If port security is on, then the MAC will be recognized as being on another port, so it will err-disable the new location. A tech either uses the third-party switch management program or even logs into the switch and does a "no" on the line for the old port, resulting in leaving that port open to a rogue device.

      I have been asked by our examiner/audit to get an email report that we can use to correct this on a daily basis. I have CatTools doing a backup of all configurations nightly, so I do have text files; however, I can't find a program/script that can look and alert on lines that should be there but are not.

      Please feel free to ask questions if this isn't clear or more information is needed.

      Thank you

        • Re: Port Security settings
          bkyle

          I would recommend looking at Universal Device Tracker:

          Device Tracker and Switch Port Management | SolarWinds

            • Re: Port Security settings
              pony10

              Thank you, I will look into that; however, the issue is not that we don't know when a rogue device connects as much as we don't know when port security is turned off or, in our case, we assign dummy MACs to a port at initial setup, but when a device is moved to another port we issue a "no" command on the original port and often fail to add in the dummy.

              Sometimes port-security is simply turned off on a port for say a need to quickly set up a training room and then it is forgotten.

              I am really just looking for a way to be alerted to the above situations.

              • Re: Port Security settings
                pony10

                While not an actual answer to the issue, it was still helpful.

                Thank you

                  • Re: Port Security settings
                    pony10

                    I ended up writing my own PS script to basically provide this information. Not the best or most elegant, but it works.

                    # Branches 1-9 use a leading zero in the CatTools folder and file names (BR01..BR09).
                    # $number is read from the calling scope of the ForEach loop below.
                    function sendMail()
                    {
                    $sendTo = "user1@domain.com", "user2@domain.com" #Multiple values separated by comma
                    $sendFrom = "PowerShell_Report@domain.com"
                    $mailSubject = "PowerShell Port Security Report for Branch $($number)"
                    $mailBody = "Branch $($number) switch port security report"
                    Send-MailMessage -Subject $mailSubject -From $sendFrom -To $sendTo -Body $mailBody -Attachments "C:\Program Files (x86)\CatTools3\Configs\Branch_0$($number)_Switchs\BR0$($number)switch.txt" -SmtpServer mail.domain.com
                    } #End function sendMail

                    # Branches 10-11 have no leading zero (BR10, BR11), hence the second copy of the function.
                    function sendMail2()
                    {
                    $sendTo = "user1@domain.com", "user2@domain.com" #Multiple values separated by comma
                    $sendFrom = "PowerShell_Report@domain.com"
                    $mailSubject = "PowerShell Port Security Report for Branch $($number)"
                    $mailBody = "Branch $($number) switch port security report"
                    Send-MailMessage -Subject $mailSubject -From $sendFrom -To $sendTo -Body $mailBody -Attachments "C:\Program Files (x86)\CatTools3\Configs\Branch_$($number)_Switchs\BR$($number)switch.txt" -SmtpServer mail.domain.com
                    } #End function sendMail2

                    # Pull every interface line plus the port-security "maximum" and "sticky" lines out of each
                    # backed-up config into one report file per branch, then mail that file.
                    # -Exclude keeps the previous day's report file from being scanned as if it were a config.
                    $NumArray = (1..9)
                    ForEach ($number in $NumArray ) {

                    Get-ChildItem -Path "C:\Program Files (x86)\CatTools3\Configs\Branch_0$($number)_Switchs\*.txt" -Exclude "BR*switch.txt" -Recurse | Select-String -Pattern Ethernet,maximum,sticky | Out-File -FilePath "C:\Program Files (x86)\CatTools3\Configs\Branch_0$($number)_Switchs\BR0$($number)switch.txt"

                    sendMail
                    }

                    $NumArray = (10..11)
                    ForEach ($number in $NumArray ) {

                    Get-ChildItem -Path "C:\Program Files (x86)\CatTools3\Configs\Branch_$($number)_Switchs\*.txt" -Exclude "BR*switch.txt" -Recurse | Select-String -Pattern Ethernet,maximum,sticky | Out-File -FilePath "C:\Program Files (x86)\CatTools3\Configs\Branch_$($number)_Switchs\BR$($number)switch.txt"

                    sendMail2
                    }

                    The reason for the duplication is that I use 2-digit numbers, so it would actually be BR01-BR11, and I couldn't figure out how to account for the "0".
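A config-level check for exactly what the thread asks for (ports that lost port-security, or that carry the wrong MAC count), written here as an added example; it is not pony10's script and not part of CatTools. It splits a backed-up IOS config into interface sections and reports access ports with no `switchport port-security` line or whose `maximum` differs from the expected count; the config text, the expected maximum of 2 and the rule that trunk and shut-down ports are out of scope are all assumptions made for the example.

```python
import re

# Constructed sample IOS config (not a real device): Gi0/1 is compliant, Gi0/2 had
# port-security removed, Gi0/3 has the wrong maximum; trunk Gi0/4 and shut-down Gi0/5 are skipped.
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security mac-address sticky
!
interface GigabitEthernet0/2
 switchport mode access
!
interface GigabitEthernet0/3
 switchport mode access
 switchport port-security
 switchport port-security maximum 5
!
interface GigabitEthernet0/4
 switchport mode trunk
!
interface GigabitEthernet0/5
 switchport mode access
 shutdown
!
"""

# An interface section is the 'interface X' line plus every indented line after it.
IFACE_RE = re.compile(r"^interface (\S+)\n((?:[ \t].*\n)*)", re.M)
MAX_RE = re.compile(r"switchport port-security maximum (\d+)")

def interface_blocks(config):
    """Return [(name, [stripped sub-lines])] for every interface section in an IOS config."""
    return [(m.group(1), [l.strip() for l in m.group(2).splitlines()])
            for m in IFACE_RE.finditer(config)]

def find_noncompliant(config, expected_max=2):
    """Map each access port lacking port-security, or with the wrong maximum, to a reason."""
    findings = {}
    for name, body in interface_blocks(config):
        if "switchport mode access" not in body or "shutdown" in body:
            continue  # trunks/routed ports and administratively down ports are out of scope
        if "switchport port-security" not in body:
            findings[name] = "port-security not enabled"
            continue
        found = [m.group(1) for l in body if (m := MAX_RE.match(l))]
        maximum = int(found[-1]) if found else 1  # IOS default when no 'maximum' line is set
        if maximum != expected_max:
            findings[name] = f"maximum is {maximum}, expected {expected_max}"
    return findings
```

Run it over each nightly backup file and mail the non-empty results; an empty dict means the switch needs no attention that day.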