barox, the manufacturer of IT switches designed specifically for the demands of video networks, has introduced ‘Smart Sticky’ MAC and IP address enterprise-class network security. Supporting built-in cyber security on all barox RY-switches, the ‘Smart Sticky’ address learning adds an additional layer of high security.
An easy and automatic process via the barox DMS GUI, once configured the barox ‘Smart Sticky’ function learns the dynamic MAC addresses of all connected ports/devices and VLANS, turning them into secure MAC addresses, adding each secure MAC address to the running configuration and freezing them and their associated IP addresses. In other words, making them ‘Sticky’.
While traditional device protection via MAC filtering alone offers simple protection against unwanted network access, it does not, for example, protect against a widespread attack of ‘MAC spoofing’. ‘Smart Sticky’, with its combined MAC and IP address protection, provides advanced port and network security with Limit Control settings. With this functionality, enterprise-class cyber and physical security is provided with the port being shut down in the advent of the unplugging of a camera/device.
By learning the MAC and IP address of each and every port, it’ not possible for a port to be hijacked. This prevents an ‘unknown’ device from being able to access the network to attack the system for spoofing/phishing and stops it from being used for malicious attacks. Only devices with a known MAC and IP address will operate on the network.
If non-managed switches are connected to terminal devices at the barox switch, Limit Control can be used to block free IP/Ethernet terminals and prevent access to the network ports of those non-managed switches.
“‘Smart Sticky’ provides a very high level of cyber and physical network protection for use within a wide variety of applications,” said Rudolf Rohr, barox’s co-founder and managing partner. “This is particularly the case where outdoor networks like those for car parks would leave devices such as cameras open to threat, whereby they could be unplugged and a rogue device plugged in. On activation, the ‘Smart Sticky’ function is able to learn the entire MAC and IP address configuration of all ports on a network. In addition, limits can be set to make sure that any unused ports are blocked to prevent their use and access to the system, while active ports are fully protected against unauthorised usage.”
Rohr added: “Switch rules can also be set to govern specific port In/Out TCP streaming and a White/Blacklist established. Furthermore, any changes to network/device configurations need to be authorised to take effect.”