Windows Server
Thanks to Steve Riley for pointing out some of the vulnerabilities about my post with using 802.1x to secure wired networks: (The whitepaper from this post does address these concerns)
Essentially, the vulnerability is a weakness in the 802.1x protocol — it authenticates only upon connection establishment and assumes all traffic after authentication is legitimate. So if an attacker had physical access to your network, they could unplug an authenticated machine from the switch port and plug it an an ‘attack’ computer and the authenticated computer into a hub that is then connected back to the switch port. A little IP and MAC spoofing……and bingo. (There is a little more to it than that – but you get the gist)
NET/NET – For the highest level of security when using 802.1x for wired networks – use additional defense in depth strategies…..like IPSec.
You can read the more on this here: http://www.microsoft.com/technet/community/columns/secmgmt/sm0805.mspx or in Steve’s Blog.
– Ward Ralston
As we continue to build and innovate, our team looks forward to engaging and learning from you at every opportunity to help ensure Windows Server continues to enable customers to accelerate innovation in their businesses.
Join us March 26 to 28, 2024 at the Windows Server Summit to learn about the latest innovations and best practices, sponsored by Intel®.
Learn how Microsoft has been using Hotpatch with Windows Server 2022 Azure Edition to substantially reduce downtime for SQL Server databases.