Blocking Randomized MAC

Comments

8 comments

  • Official comment
    Matt

    Hi @AR, that should be possible with Device Access Control - Blocking unauthorized devices. 

    Please see this document:

    https://www.zenarmor.com/docs/devices/device-access-control

    Comment actions Permalink
  • AR

    Hi Matt,

    Thanks, I've looked at that but it doesn't do what I need.

    I'm not looking to whitelist every devices as this would be very time consuming to maintain and require intervention with every visitor's device.

    I'd just to like exclude any device using a randomized MAC address to be blocked. Using randomised MAC is an effective way of by passing Policies set in place for known devices.

    Thanks.

     

     

    0
    Comment actions Permalink
  • Matt

    @AR, thanks for the feedback. Engineering team is currently working on identifying those randomized mac addresses. We've conveyed your request. We should be able to block them once we can identify them. 

    0
    Comment actions Permalink
  • AR

    Thanks for the update Matt.

    I can see this being used in our commercial environment but where it will really shine, is in the home environment for parental control.

    This essentially would prevent kids using randomized MACs to by pass filtering while still allowing visitors internet access without having to manually set each device as trusted.

    Thanks

    0
    Comment actions Permalink
  • AR

    I've noticed that you can now see if a device is using a randomized MAC address - this is flagged against a device.

    This is fine but has very little benefit on its own. Any action taken against such device is still manual and not system wide. Which means having to intervene every time a new device connects.

    To make this a useful feature, there needs to be an option to block/restrict such devices in Policy settings.  

    0
    Comment actions Permalink
  • SVN Support Team

    Mark their own devices as trusted, then mark such devices as untrusted. Then, can you try again by blocking untrusted devices in policy?

    Thanks,

    0
    Comment actions Permalink
  • AR

    I understand how trusted and untrusted devices work. And this doesn't cover the issue of randomized MACs.

    You have the ability to identify randomized MACs - so why not allow blocking without manual intervention?

    I don't want to logon to Opnsense every time I have a visitor.

    If I have visitors, all they they need to do is turn off randomized MAC to get access.

    If they use randomized MAC then no access. It's a very simple request.

    Please pass this on to the developers. 

     

    0
    Comment actions Permalink
  • SVN Support Team

    We will forward the request to the product team for implementation in upcoming releases. Please stay updated for the release notes.

    0
    Comment actions Permalink

Please sign in to leave a comment.

Powered by Zendesk