<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=159683641205248&amp;ev=PageView&amp;noscript=1">

Prevent Unauthorized Network Access by Disabling Active Ports: Port Guardian

Matt Golueke October 30, 2020 0:00 AM

Port Guardian demo thumbnail 2

Let's take a look at a cybersecurity feature that allows you to lock down your network switch to prevent unauthorized network access.

ComNet products have a feature called Port Guardian which is a simple, effective way to prevent unauthorized network access by disabling active ports on your ComNet device. 

In this video, Rocky Montoya, national trainer and A&E program manager for ComNet USA, is going to demonstrate a cybersecurity feature that allows you to lock down your network device to prevent unauthorized network access >>




Here's how Port Guardian protects your network...

Think about an unsecured remote location that has a switch with two security cameras connected to it. The switch has a link back to the main data center. Typically, the switch is secured by disabling the unused ports, but what about the active ports? Anyone with physical access to the switch can unplug an existing device and connect a laptop to an active port to gain access into the network. When you enable Port Guardian on a ComNet device, as soon as a device is disconnected from a switch, that port will be shut down automatically to prevent unauthorized network access. This is simple, yet highly effective.

ComNet Port Guardian Image

The device can be configured to send an SNMP trap to report the state change. From there, a network admin can then dispatch security to the remote location or enable the port remotely.

Port Guardian is available on many ComNet products, including the self-managed switch series, as well as the Made in the USA switch series.


Another Example

In another example, a ComNet four port self-managed switch is in a remote location without supervision. Link activity is present on port one and four. First, the hacker tries to connect to an unused port, but finds that the port is disabled. Then the hacker connects to one of the active ports only to find that it was disabled automatically by Port Guardian when the port state changed. The hacker is completely locked out of the network.


Link Guardian

For applications that require more disciplined data control, ComNet is introducing a new feature called Link Guardian. Link Guardian allows data to travel only in one direction. This is used in guaranteeing protection of critical digital systems, such as industrial control systems, from inbound cyber attacks. Link guardian is only available on our unidirectional media converter. 


Dedication to Cybersecurity

ComNet cybersecurity features are now available on ComNet Made in the USA switches as well as self-managed switches and media converters. Port Guardian is simple to use, effective, and adds real value to your network. These features are available on select ComNet ethernet products free of charge. ComNet self-managed switches and four port media converters are great for applications that require a simple to deploy device that doesn't need to be managed like a traditional switch. With a ComNet self-managed switch, you can enable features like spanning tree IGMP directly on the device using dip switches that simplify installation compared to a standard switch.


TAA Compliance

These are Made the USA devices that are TAA compliant and warrantied for the life of the product. ComNet's world-class application engineers are available to support you every step of the way. Let us help you design the most efficient transmission plan using quality ComNet products. Pre and post-sales support are available free of charge for the life of the product. 



  • If an IP device at the edge is disconnected with intention of accessing the network by connecting to an edge Ethernet port, Port Guardian detects, disconnects, and physically locks out the port.
  • Physically locks out a port on detection of disconnection at edge port
  • Automatically sends SNMP notification to Admin notifying that the port that has been disconnected. Admin can then reset after threat is resolved
  • Physically disconnects suspected port
  • Immune to IP address spoofing
  • Available on Gen2 SMS Products, CNGE2+2SMS(PoE), CNGE4+2SMS(PoE)
  • Available on CNGE11FX3TX8MS(PoE), CNGE3FE8MS(PoE), CNGE24FX12TX12MS(POE)
  • Made in the USA
  • Lifetime Warranty


Contact our team for network design assistance >>



Topics: Technical - Simplified, Your Challenge, Our Solution

Horizontal Line - gray 250px
Search Icon

Search Blog Topics

Horizontal Line - gray 250px

Subscribe to Blog

Horizontal Line - gray 250px

Recent Posts

View More Blog Topics

Trends, interviews, and practical advice on all things Security - Return to Main Blog Page