Answer the question
In order to leave comments, you need to log in
How can you limit the access of some users to certain network segments?
Salute comrades!
I have a problem of the following nature:
The office has both a wired and a wireless network (not all employees have enough sockets) and there are a number of servers. Employees are in one network segment, servers in another (more precisely, in several, depending on the "type of activity"). There are servers with databases on which one common account is created, under which the database is being finalized. Employees connect to the base via the network directly (that is, to the port that the base listens to)
And here's the problem: When an employee leaves, you have to change the password for wifi and change the password for the general account in the database (which is very painful).
Tell me if there are any technologies that allow you to control access to certain network segments.
At the moment, I was offered a very unusual idea, to give access to closed resources only through a VPN. But it seems silly to me, an employee came to the office, connected to the office network, but in order to work, he must also connect to the VPN inside the office.
There were also proposals for AD, but our infrastructure is mainly on Linux
Answer the question
In order to leave comments, you need to log in
Well, the AD controller can also be raised on Samba4. Everyone should have their own username/password for the database, with the appropriate access rights. Authorization on WiFi can be configured from AD or OpenLDAP.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question