Port Security settings

Can CatTools be used to provide a daily email of multiple switches only if they either have ports without port-security or don't have the proper number of MACs assigned? For example, on a Cisco switch we use port security; however, some ports may have had it turned off for some reason.

Another possibility is a computer/user is moved from one office to another. If port security is on then the MAC will be recognized as being on another port so will err-disable the new location. A tech either uses the third party switch management program or even logs into the switch and does a "no" on the line for the old port, resulting in leaving that port open to a rogue device.

I have been asked by our examiner/audit to get an email report that we can use to correct this on a daily basis. I have CatTools doing a backup of all configurations nightly so I do have text files; however, I can't find a program/script that can look and alert on lines that should be there but are not.

Please feel free to ask questions if this isn't clear or more information is needed.

Thank you

  • Thank you, I will look into that; however, the issue is not that we don't know when a rogue device connects as much as we don't know when port security is turned off or, in our case, we assign dummy MACs to a port at initial setup but when a device is moved to another port we issue a "no" command on the original port and often fail to add in the dummy.

    Sometimes port-security is simply turned off on a port for say a need to quickly set up a training room and then it is forgotten.

    I am really just looking for a way to be alerted to the above situations.

  • While not an actual answer to the issue it was still helpful.

    Thank you

  • I ended up writing my own PS script to basically provide this information.  Not the best or most elegant but it works.

    # Mails the report file for a single-digit branch (folder and file names are zero-padded).
    function sendMail()
    {
    $sendTo = "user1@domain.com", "user2@domain.com" #Multiple values separated by comma
    $sendFrom = "PowerShell_Report@domain.com"
    $mailSubject = "PowerShell Port Security Report for Branch $($number)"
    $mailBody = "Branch $($number) switch port security report"
    Send-MailMessage -Subject $mailSubject -From $sendFrom -To $sendTo -body $mailBody -Attachments "C:\Program Files (x86)\CatTools3\Configs\Branch_0$($number)_Switchs\BR0$($number)switch.txt" -smtpServer mail.domain.com
    } #End function sendMail

    # Same as sendMail, for two-digit branch numbers (no zero padding in the path).
    function sendMail2()
    {
    $sendTo = "user1@domain.com", "user2@domain.com" #Multiple values separated by comma
    $sendFrom = "PowerShell_Report@domain.com"
    $mailSubject = "PowerShell Port Security Report for Branch $($number)"
    $mailBody = "Branch $($number) switch port security report"
    Send-MailMessage -Subject $mailSubject -From $sendFrom -To $sendTo -body $mailBody -Attachments "C:\Program Files (x86)\CatTools3\Configs\Branch_$($number)_Switchs\BR$($number)switch.txt" -smtpServer mail.domain.com
    } #End function sendMail2

    # Branches 01-09: pull the interface and port-security lines out of each backed-up config, then mail them.
    $NumArray = (1..9)
    ForEach ($number in $numArray ) {

    Get-ChildItem -Path "C:\Program Files (x86)\CatTools3\Configs\Branch_0$($number)_Switchs\*.txt" -recurse | Select-String -Pattern Ethernet,maximum,sticky | Out-File -filepath "C:\Program Files (x86)\CatTools3\Configs\Branch_0$($number)_Switchs\BR0$($number)switch.txt"

    sendMail
    }

    # Branches 10-11: same extraction, using the unpadded folder and file names.
    $NumArray = (10..11)
    ForEach ($number in $numArray ) {

    Get-ChildItem -Path "C:\Program Files (x86)\CatTools3\Configs\Branch_$($number)_Switchs\*.txt" -recurse | Select-String -Pattern Ethernet,maximum,sticky | Out-File -filepath "C:\Program Files (x86)\CatTools3\Configs\Branch_$($number)_Switchs\BR$($number)switch.txt"

    sendMail2
    }

    The reason for duplication is because I use 2 digit numbers so it would actually be BR01-BR11 and I couldn't figure out how to account for the "0"
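
An added example, not part of the original thread or the poster's script: rather than listing every matching line, it parses each interface block of a saved config and reports only access ports where port-security is absent or fewer MAC addresses are assigned than the port's maximum. The sample config, the function name `Get-PortSecurityFinding`, and the rule that audited ports carry an explicit `switchport mode access` line are assumptions.

```powershell
# Constructed sample config for illustration; MAC addresses are from the documentation range.
$sampleConfig = @'
interface GigabitEthernet1/0/1
 switchport mode access
 switchport port-security maximum 2
 switchport port-security mac-address sticky
 switchport port-security mac-address sticky 0000.5e00.5301
 switchport port-security mac-address sticky 0000.5e00.5302
 switchport port-security
!
interface GigabitEthernet1/0/2
 switchport mode access
!
interface GigabitEthernet1/0/3
 switchport mode access
 switchport port-security maximum 2
 switchport port-security mac-address sticky
 switchport port-security mac-address sticky 0000.5e00.5303
 switchport port-security
!
interface GigabitEthernet1/0/24
 switchport mode trunk
!
'@
function Get-PortSecurityFinding {
    param([string[]]$ConfigLines)
    $blocks = [ordered]@{}; $current = $null
    foreach ($line in $ConfigLines) {
        if ($line -match '^interface\s+(\S*Ethernet\S+)') { $current = $Matches[1]; $blocks[$current] = @() }
        elseif ($line -match '^\S') { $current = $null }   # any other unindented line ends the block
        elseif ($current) { $blocks[$current] += $line.Trim() }
    }
    foreach ($name in $blocks.Keys) {
        $cfg = $blocks[$name]
        if ($cfg -notcontains 'switchport mode access') { continue }   # assumption: only access ports are audited
        $issue = $null
        if ($cfg -notcontains 'switchport port-security') { $issue = 'port-security not enabled' }
        else {
            $max = 1   # IOS default; a maximum of 1 is not written to the config
            foreach ($l in $cfg) { if ($l -match '^switchport port-security maximum (\d+)') { $max = [int]$Matches[1] } }
            $macs = @($cfg -match '^switchport port-security mac-address (sticky )?[0-9a-f]{4}\.').Count
            if ($macs -lt $max) { $issue = "$macs of $max MAC slots filled" }
        }
        if ($issue) { [pscustomobject]@{ Interface = $name; Issue = $issue } }
    }
}
$findings = @(Get-PortSecurityFinding -ConfigLines ($sampleConfig -split '\r?\n'))
$findings | Format-Table -AutoSize
```

To run it against the nightly backups, pass `Get-Content` of each config file as `-ConfigLines` and send the mail only when `$findings.Count` is greater than zero.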