How to secure an aging PC from the switch/router side?
I have an aging Windows XP PC whose purpose is to feed code to a manufacturing machine via an RS-232 connection using machine-specific software. The PC needs to retrieve its code from a network file share. This PC came with the manufacturing machine (purchased used), and I do not have / cannot obtain its administrator password. Furthermore, the PC has automatic updates disabled and its firewall disabled, and these cannot be turned on without admin access.

I am concerned about the security risk of having an un-updated / un-firewalled PC on my network. Can I somehow secure this machine through settings on our Cisco managed switch (SG300) in order to limit it to its one and only network-related task, which is to connect to a network file share? The machine does not need internet access. It only needs access to a single network file share. Is there a way this can be done?

Here is more detailed info about our network configuration:

- The managed switch is a Cisco SG300. It is handling all Layer 3 switching.
- The file server is connected to the Cisco SG300 switch.
- The router is a Ubiquiti EdgeRouter X; however, I believe this is out of the picture because the Cisco switch is doing all internal switching and handling VLANs.
- The aging PC is connected to the network via Wi-Fi.
- The aging PC does not have a Wi-Fi card, so it is connecting to Wi-Fi via a wired-Ethernet-to-Wi-Fi adapter (IOGear GWU627W6).
- The wireless access point is a Ubiquiti UniFi AP-LR, which is connected to the Cisco SG300 switch.