this post was submitted on 24 Nov 2024
        
      
      1530 points (92.5% liked)
      Technology
    76339 readers
  
      
      3978 users here now
      This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
        founded 2 years ago
      
      MODERATORS
      
    you are viewing a single comment's thread
view the rest of the comments
    view the rest of the comments
 
          
          
MAC is useless as a component of the security check. It's trivial to change; either with a dongle, as you said, or in the network configuration of every major and minor OS.
But if i am authenticating a unique third party laptop i could use the mac address and apply a profile in clearpass to authenticate it and apply an ACL to lock the device down as a separate measure to creating a separate vlan for the device.
I wouldn't have called it useless in that regard. But im fairly new to network administration, so perhaps i am not well versed enough to know better.
Our clearpass servers struggle sometimes, and i experience timeouts or rejections when a laptop moves from one usb c docking station to another if they fail dot1x and revert to mab.
Also all of this aside, the fact that all the ports got removed from a laptop and now you have to plig in a £60-100 dock to get all those ports back is an absolute con.