The invention relates to the technical field of terminal admission control, and in particular discloses a terminal admission control method based on switch port management. The method includes the following steps: after a new terminal accesses the network, the terminal's information is collected through the switch, the terminal's unique identification is extracted, and the terminal is associated with a port of the switch; the unique identification is compared with the MAC addresses in an admission database; if the unique identification is found, the new terminal is a legal terminal and no action is taken; if the unique identification is not found, the new terminal is an illegal terminal or an external terminal, the corresponding switch port is closed immediately, and the closure information is recorded in the admission database; when a new terminal accesses the network again, the new terminal is joined after window period processing, and the previous steps are executed again to start processing; if no new terminal accesses the network, the closed switch port is automatically reopened after an appointed time.
MAC address management is adopted for the terminals: a terminal user is forbidden to change a MAC address without authorization, virtual machines are managed, HUB access is stopped, and terminal admission control is accurate and strict.
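The decision loop described above, as an added Python sketch that is not taken from the patent: it covers the database lookup, the port closure with its record, and the timed reopening. The class and function names, the 300-second reopen delay, the in-memory stand-in for the switch and database, and the sample data are all assumptions; window period processing is not modelled because the abstract does not define it.

```python
from dataclasses import dataclass, field

REOPEN_AFTER = 300  # assumed "appointed time" in seconds; the abstract gives no value

def normalize_mac(mac: str) -> str:
    """Canonical lower-case colon form, so differently formatted MACs compare equal."""
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

@dataclass
class AdmissionController:  # hypothetical in-memory stand-in for switch + database
    admitted: set                                 # admission database: legal MACs
    closed: dict = field(default_factory=dict)    # port -> time the port was closed
    records: list = field(default_factory=list)   # closure records kept in the database

    def on_terminal_seen(self, port: str, mac: str, now: float) -> str:
        """Handle one (port, MAC) observation collected from the switch."""
        mac = normalize_mac(mac)
        if mac in self.admitted:
            return "legal"                        # found in the database: no action
        # Not found: illegal or external terminal. Close the port and record it.
        self.closed[port] = now
        self.records.append({"port": port, "mac": mac, "closed_at": now})
        return "port_closed"

    def tick(self, now: float) -> list:
        """Reopen every port closed for at least REOPEN_AFTER seconds."""
        due = sorted(p for p, t in self.closed.items() if now - t >= REOPEN_AFTER)
        for port in due:
            del self.closed[port]
        return due

# Constructed sample data: one admitted MAC and (time, port, MAC) observations.
SAMPLE_DB = {"00:1a:2b:3c:4d:5e"}
SAMPLE_EVENTS = [(0, "Gi0/1", "00-1A-2B-3C-4D-5E"), (10, "Gi0/2", "02:00:00:00:00:01")]

def run_demo():
    ctl = AdmissionController(set(SAMPLE_DB))
    results = [ctl.on_terminal_seen(p, m, t) for t, p, m in SAMPLE_EVENTS]
    return results, ctl.tick(100), ctl.tick(310)

if __name__ == "__main__":
    print(run_demo())
```

In this sketch an unknown MAC closes its port even when an admitted MAC was seen on the same port earlier, which is how a second device attached through a hub would be handled under these assumptions.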