Looking for a 24 port GB switch that can handle practical MAC filtering

[ikorman]

Folks, hopefully, I am posting in the right place...

I am looking for a managed GB switch that can do MAC filtering. Specifically, I want to have a pre-set whitelist of MACs that are allowed on the network.

I am already in possession of a D-Link switch that can do this, sort-off. The issue is that it only allows to secure a MAC address to one port. If I move a laptop to another port on the same switch, there is no access. Thus, it's a very impractical implementation.

I know I can get a Cisco switch, but the size and noise are an issue. I have access to a Catalyst 2460G which is one of the quiet ones but still, too large and noisy. And config is not the easiest, but that I can deal with.

If anyone is aware of a smaller physical 24-port (or 20 will be OK too) smart switch , please let me know. Thanks in advance!

 

[KenZ71]

Would it be easier to use ddwrt on your router to accomplish this goal?

Alternatively, is there an equivalent to ddwrt, tomato, etc for switches?

 

[System Error Message]

he wants to do it on layer 2 that means you do need a switch for it if the devices arent directlly connected to the router.

Instead of mac filtering it would be better to use RADIUS. I know a few managed switches that can do layer 2 filtering but they stop doing wirespeed when you start adding rules. For example i could drop all communication that doesnt involve the white list but i find layer 2 filtering to all over the place. For example i log the IP address of any device that inputs/forwards on the network via layer 2 but regardless if i use in or out the result is the same.

Both mikrotik and ubiquiti have managed switches only on the highest end of their switch line (for mikrotik it would be the CRS), any lower end and their switches arent fully managed.
HP also have good switches, Juniper, cisco all have good switches. In older fully managed switches they had fans because the switch CPU required to support that throughput was power hungry for the form factor they are in.

 

[sfx2000]

Instead of mac filtering it would be better to use RADIUS. I know a few managed switches that can do layer 2 filtering but they stop doing wirespeed when you start adding rules. For example i could drop all communication that doesnt involve the white list but i find layer 2 filtering to all over the place. For example i log the IP address of any device that inputs/forwards on the network via layer 2 but regardless if i use in or out the result is the same.

Concur - RADIUS is a much better solution - the accounts in the RADIUS server are the "whitelist" period...

 

[fiberboy]

Have a try in Fiberstore. They may have the one you need. Or you could tell your requirements and they could provide custom service for you. Good luck!
http://www.fs.com/c/poe-media-converters_1186