[unisog] Cisco 2950 protected ports in residential halls

John C. Gale jcgale at uncg.edu
Tue Nov 22 17:58:53 GMT 2005


Royston

UNCG implemented this in new replacement switch fabric in several 
buildings during an upgrade earlier this year.  Overall, it was a large 
success.  As some will point out, it will prevent some legitimate 
computing use.  However, the main use of the residential network on our 
campus is Internet access.  Anything that impedes the use of email, 
instant messangers, and a web browser use is far worse to our users 
(from their point of view) than intra building connections.  The 
reduction of noise and general pollution is seen as a large positive. 
When the next big outbreak hits, I'm sure we'll enjoy the benefits even 
more.  It is harder to measure success in the lack of complaints 
admittedly, but our users seem to not notice the difference.

We enabled other security features (1 mac per port, dhcp snooping, bpdu 
guard, strom control, etc) at the same time and the only real fallout 
was we did not have the errdisable recovery set initially.  I would 
remind you to set that up or you will have to manually chase them down 
(if you are using any of these features).  Once enabled, even these 
features presented very few incidents while improving stability greatly.

Cheers.

John


More information about the unisog mailing list