Some companies will set up guest networks utilizing a parallel network configuration: separate switches or hubs, along with separate DSL/router internet connections. They will then designate certain ports in a conference room to be 'corporate connections' and certain ports to be 'guest network'. They then leave it up to the user to 'pick a port'.
This mechanism does indeed provide a separate path to the internet, but obviously, the weakness is an inability to prevent people from using inappropriate ports.
A better from of enforcement is provided through the implementation of an authentication/authorization protocol called 802.1X. This protocol works with wired as well as wireless networks. Various methods of operation are available. The simplest to to either enable or disable a switch port based upon receipt of appropriate credentials from the supplicant, which is the computer/user being connected to the network. Continue reading "Implementing a Wired 802.1X Network With Cisco..." »