[c-nsp] Securing multicast

Fri May 16 05:03:29 EDT 2014

Hi,

As far as I know igmp-ac or mld-auth never took off.

Yes, conditional access is used mainly in video application but not
limited to.

If your application does not support conditional access you will need to
separate the different clients into different vlans or use igmp filters
on the switch ports.

Dumitru

On 16-May-14 11:03 AM, selamat pagi wrote:
> Maybe I'm wwong, but conditional access  seems to me video and TV system
> solutions.
> 
> We are looking for a more general solution, independent to what kind of
> endpoint  is connected to our switch.
> 
> cheers, keti
> 
> 
> On Thu, May 15, 2014 at 11:00 PM, Dumitru Ciobarcianu <cisco-nsp at lnx.ro
> <mailto:cisco-nsp at lnx.ro>> wrote:
> 
> 
>     Conditional access.
> 
>     Dumitru
> 
> 
>     On 15-May-14 23:39 PM, selamat pagi wrote:
>     > We just introduces Pim-SM to our network.
>     > Now we  encuntered a security issue:
>     > 2 PC connected to the same switch, 1 is allowed to join group X,
>     the other
>     > PC should not be able to receive data from group X.
>     > The switch ports of those PC could be different every day and this
>     issue
>     > could concern several hundered users in  future.
>     >
>     > Is there a way to authenticate multicast users?
>     > Or how can such an issue be solved?
>     >
>     > Any ideas highly appreciated
>     >
>     > Cheers,keti
>     > _______________________________________________
>     > cisco-nsp mailing list  cisco-nsp at puck.nether.net
>     <mailto:cisco-nsp at puck.nether.net>
>     > https://puck.nether.net/mailman/listinfo/cisco-nsp
>     > archive at http://puck.nether.net/pipermail/cisco-nsp/
>     >
> 
>     _______________________________________________
>     cisco-nsp mailing list  cisco-nsp at puck.nether.net
>     <mailto:cisco-nsp at puck.nether.net>
>     https://puck.nether.net/mailman/listinfo/cisco-nsp
>     archive at http://puck.nether.net/pipermail/cisco-nsp/
> 
> 