Is it possible to limit the number of authentication attempts per switch port?
Customer had a buggy device which changed its MAC address several times per second. They recognised more than 10.000 authentication attempts within one day just from that device.
This excessive authentication session seemed to influence the whole switch, which is a C5G. Also, other devices were not able to work trouble-free. Especially voice calls suffer from disruptions.
Also, the load on the NAC increased and its licenses ran out just because of this one defective device.
Is there a way / workaround to prevent such incidents?
Furthermore, I'd like to raise a feature request: Could you implement a feature to throttle authentication attempts to a configurable number per minute?
I think such an issue could also be used for a DoS attack against a switch and the NAC / RADIUS infrastructure.