This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
RUCKUS Self Help |   ASK the Pack
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Is there a way to prevent MAC Address Spoofing on ZoneDirector 3000

tristan_zaraspe
New Contributor II

‎03-15-2017 09:23 PM

We are using ZoneDirector 3000 in our environment and lately we noticed that one particular user which we blocked from the network (because user was hogging all the Internet bandwidth) keeps on re-joining the network but with different MAC Addresses.

The user joins the network by a generic username login that we gave our contractors to access the wifi system (AD authentication), so we really cannot Identify the person in our system because there are multiple users using the same generic account login.

We know that its the same user who is repeatedly logging on to the network because he left a unique host name on his device so we can identify it, although, we can see that the MAC Address is changing after several minutes the device was blocked.

Our Solution for now is to create individual accounts for the contractor so that we can easily identify the culprit rather than having them use a single generic account. However, it would be good to know if there is a way we mitigate such instances on the ZoneDirector? If not on the ZoneDirector level, are there any suggestions where to apply a block that can prevent this? Does anybody here experienced the same problem before?

And does anyone know how many MAC ACL entries can a ZoneDirector 3000 series cater?

Thanks guys
8 REPLIES 8

monnat_systems
Valued Contributor II

‎03-15-2017 10:10 PM

Your problem is not a unique however there are couple of ways of handling it to minimize the reoccurences and limit IT/admin overhead

1) Administrative solution: this involves coming up with procedures/guidelines/policy/do's & donts which clearly describes how an user employees and contractor employees is supposed to operate (behave). Cleary written and correctly enforced results in limited or minimum re-occurrence.

2) technical solution: some of the solution already shared in the post however you can make use Ruckus DPSK/Zero IT as it will clearly 1)overcome MAC ACL limitation 2) Mac spoofing would be a thing of a past, 3) security gets hardened and un-breachable 4) no need to maintain external DB or servers for additional auth. this is all inbuilt in ZD's 5) no more headache of maintaining/updating ACL's

hope this helps
0 Kudos

tristan_zaraspe
New Contributor II
In response to monnat_systems

‎03-15-2017 11:46 PM

Thanks Monnat for the suggestions.

We have not Setup Ruckus DPSK/Zero IT yet, do you have any guide on how we could set this up? We only use Active Directory for Authentication, does it require any other special hardware like AAA server perhaps?
0 Kudos

monnat_systems
Valued Contributor II
In response to monnat_systems

‎03-16-2017 06:31 AM

We only use Active Directory for Authentication, does it require any other special hardware like AAA server perhaps? -

no however for your needs, you can use local database on the controller assuming that its for contractors and no or limited access to corporate resources.

read here -- http://theruckusroom.typepad.com/files/dynamic-psk-fs.pdf

http://mytechblog.jarusnait.com/2014/05/wireless-dpsk-setup-with-ruckus-zone.html
0 Kudos

itdept_head_me
Contributor
In response to monnat_systems

‎03-16-2017 06:13 PM

sorry but that is a dumb solution full of crazy assumptions.
0 Kudos
Copyright © 2024 Khoros, LLC