How to secure an aging PC from the switch/router side?

Question

I have an aging Windows XP PC whose purpose is to feed code to a manufacturing machine via a RS-232 connection using machine-specific software. The PC needs to retrieve its code from a network file share. This PC came with the manufacturing machine (purchased used), and I do not have / cannot obtain its administrator password. Furthermore, the PC has automatic updates disabled and its firewall disabled and these cannot be turned on without admin access. I am concerned about the security risk of having an un-updated / un-firewalled PC on my network.

Can I somehow secure this machine through settings on our Cisco managed switch (SG300) in order to limit it to its one and only network related task - which is to connect to a network file share? The machine does not need internet access. It only needs access to a single network file share. Is there a way this can be done?

Here is more detailed info about our network configuration:

- The managed switch is a Cisco SG300. It is handling all Layer 3 switching.
 - The file server is connected to the Cisco SG300 switch.
 - The router is a Ubiquiti Edgerouter X, however I believe this is out of the picture because the Cisco switch is doing all internal switching and handling Vlans.
 - The aging PC is connected to the network via Wifi.
 - The aging PC does not have a Wifi card, so it is connecting to Wifi via a wired-ethernet to wifi adapter (IOGear GWU627W6).
 - The wireless access point is a Ubiquiti Unifi AP-LR, which is connected to the Cisco SG300 switch.

Howard W. · Accepted Answer

Hello,

Unfortunately, there isn't much configuration support for the SG300 platform. If you could replace this device with an IOS based switch such as 3560/3850 you could enable the private vlans feature. This feature will could lock down the PC to ONLY configure with the network file share.

-Information about Private Vlan configurations

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3560/software/release/12-2_52_se/configuration/guide/3560scg/swpvlan.html

How to secure an aging PC from the switch/router side?

1 Expert Answer

Still looking for help? Get the right answer, fast.

OR

RELATED TOPICS

RELATED QUESTIONS

Need help with matching: Search tool descriptions

What would be five different states through which ports on a switch running STP can transition.

What is the forward delay in STP?

What trunking protocols does VTP support

How do i calculate current (I) for the circuit shown.

RECOMMENDED TUTORS

How to secure an aging PC from the switch/router side?

1 Expert Answer

Still looking for help? Get the right answer, fast.

OR

RELATED TOPICS

RELATED QUESTIONS

Need help with matching: Search tool descriptions

What would be five different states through which ports on a switch running STP can transition.

What is the forward delay in STP?

What trunking protocols does VTP support

How do i calculate current (I) for the circuit shown.

RECOMMENDED TUTORS

find an online tutor

related lessons