Modern networking continues to provide an improvement in communication and information access. As an example, in-house data centers, associated with a particular entity of interrelated group of users, could contain a large number of information technology (IT) resources that are interconnected through a network. These networks are configured in different ways depending on implementation-specific details such as the hardware used and the physical location of the equipment, and depending on the particular objectives of the network. One common type of network configuration is a local area network (LAN). In actual practice, a typical LAN will include large numbers of computer systems and switches (as well as other devices). Devices such as computer systems, routers, switches, load balancers, firewalls, network switches, and the like, are commonly linked to each other in networks.
Network switches are normally used to provide an access to the network. For example, a user will normally connect to one or more of the ports of a network switch to access the network (e.g., LAN, wide area network (WAN), Internet, or the like). However, one of the security concerns of network access is the availability of and access to the network switch. That is, the network can only be as secure as the weakest access point. In many cases, the network switch (or port) is the weakest access point. For example, if a network switch is located in a shared location, e.g., a conference room, any person in the conference room may plug into a port of the network switch and gain access to the network.
The problem is even more pronounced in a location that is utilized on a part-time basis. For example, a group may use a firehouse hall for a gathering or meeting place. In the firehouse hall there may be a port for the firehouse network. Therefore, a guest may simply plug into the port and gain access to the entire firehouse network. In some cases, this access may be benign, but in other cases, the access may be malicious.
In order to prevent access to the ports of the network switch, a plurality of measures can be taken. In one case, an administrator may be assigned the job of physically disconnecting the port from the network, such as at the wiring closet. In another case, the port or network switch may be physically covered to stop a user from accessing the port.
However, these methods are time consuming, labor intense, and are very inflexible. For example, if a user is still working when the port is disconnected at the wiring closet, productivity will be affected. Additionally, there may be confrontation at the port when the administrator arrives to cover the access to the port. If a user has to work late, both the user and the administrator are deleteriously affected. The user must justify the need to maintain access to the network, and the administrator must return at a later time to cut-off the access to the port.
These problems are even more detrimental in an environment with mixed working hours and the network switch being disconnected from the network includes a plurality of ports. For example, the users may not be on the same port but may be using the same network switch. For example, if the firehouse hall and the Captains office are on the same network switch, the Captain will be disconnected when the firehouse hall network switch is removed from the network.