Network Security Enhancements: What it Means to Your Department

 

Vocabulary Prerequisite  

IP address – a unique number that devices use in order to identify and communicate with each other on a computer network. An IP address can also be thought of as a street address or a phone number but for a computer or other network device on the internet. Just as each street address and phone number uniquely identifies a building or telephone, an IP address can uniquely identify a specific computer or other network device on a network.

 

Executive Summary

LTS will soon activate a new security measure on the LAN. SourceGuard , a feature built into our Cisco switches, ensures that IP address assignment is done only by genuine LTS servers. This assurance will help prevent network eavesdropping as well as mitigate other security threats.

 

Further Detail

Part of this implementation requires that all IP addresses are assigned using a method known as Dynamic Host Configuration Protocol (DHCP). Thankfully, this is not as confusing as it sounds. In most cases when you plug your computer, printer, or other device into the LAN it requests an IP address. Alternatively, some devices specify (as opposed to request) their own IP address. This alternative method is known as “hard coding” an IP address. Lehigh's network presently allows for both methods. In the interest of security, Lehigh will soon allow only the DHCP method.

Example of DHCP in action: You plug your computer into the LAN and it tells the network “I need an IP address. Please, someone give me an IP address to use!”

Example of hard coding in action: You plug your computer into the LAN and it tells the network “I'm going to use the IP address I want to use and don't care what anyone else thinks.” (Note: There is a way to obtain a static IP address for your computer or device. See FAQs below.)

 

Impact 

If you have devices with hard coded IP addresses they will soon be unable to communicate on the LAN. All devices MUST request IP addresses through Lehigh's DHCP server. The good news is that hardcoding is rare and most devices already use DHCP. Your subnet will be checked for non-DHCP devices prior to enabling SourceGuard and your LTS computing consultant will share the results with you.

 

FAQs

Question: I must have a static IP address on my PC, printer, etc. What happens to me?

Answer: No problem – DHCP can be set to assign the same IP address to your computer every time it requests one. Request this service through your LTS computing consultant.

 

Question: What happens if I have a device on the LAN that does not support DHCP?

Answer: It will not work after SourceGuard is turned on. However, if the device is connected to a special adapter, it would function normally. The cost of this adapter is less than $50 and more details can be obtained from your LTS computing consultant.

Click here for adapter setup info.

sgl3 6/23/06