What Is a MAC Address? How It Works and Security Risks

A MAC address identifies network interfaces at Layer 2, but it can be spoofed and should not be trusted alone.

A Media Access Control (MAC) address is a string of numbers and letters unique to a device or part of a device, which can be used to identify it. MAC addresses are one piece of information, alongside IP addresses and other things, that network security systems use to identify and verify the devices connecting to a network.

In this guide, we’ll take a closer look at what a MAC address is, how it works in networking and Wi-Fi environments, and the main security considerations to keep in mind.

What Is a MAC Address?

A MAC address is a unique hardware identifier that’s used to identify a device on a network.

Typically, every device is permanently assigned a MAC address by its manufacturer. More technically, the MAC address is assigned to a device’s Network Interface Controller (NIC), so some devices might have multiple MACs. For example, a laptop might have one MAC address for connecting to Ethernet networks and one for Wi-Fi networks.

To ensure only approved devices access a network, a network switch or access point can check whether a MAC address matches a server’s approved list of devices. This approach is vulnerable, however, as it’s relatively easy to copy a MAC address onto another device, which is called MAC spoofing. Establishing strong network security today involves using more than a MAC address to verify device and user identity.

Structure and Format of a MAC Address

A MAC address is usually a 48-bit value written as six pairs of hexadecimal characters (0-9 and A-F) separated by colons, a format known as hexadecimal encoding. An example of a MAC address might be: F0:18:98:B2:A2:D3. The first half of this string is generally an Organizationally Unique Identifier (OUI) that identifies the device manufacturer, while the second half is unique to the device’s NIC.

MAC Address vs IP Address

A MAC address might seem similar to an IP address. The main difference is that a MAC address is typically permanently attached to a device, while an IP address is location-dependent and can change. Basically, a MAC address is like a social security number, while an IP address is like a mailing address.

MAC addresses and IP addresses also operate at different layers of the Open Systems Interconnection (OSI) model. A MAC address primarily functions at the Layer 2 data link level, while an IP address primarily functions at the Layer 3 network level.

What Is a MAC Address Used for in Networking?

As a Layer 2 technology, MAC addresses are used to move data to the intended hardware within a local network.

Suppose a computer wants to send a print request to a printer on the same network. That request would generally pass through a switch that references a MAC address table to send the data specifically from the computer to the printer, rather than broadcasting the data to every device connected to that network.

A MAC address is also used for MAC Authentication Bypass (MAB). When a device does not support 802.1X authentication, as is the case with many IoT devices, a switch or wireless access point can send a RADIUS access-request message to check the MAC address against a list of approved devices. MAB is often used in networks, but can be made safer with the addition of systems like dynamic access lists.

What Is a MAC Address Used for in Wi-Fi?

MAC addresses also play an important role within Wi-Fi networks. Generally, a device will broadcast its MAC address over the air, and if authenticated to access the network, it will be added to an association table that tracks connected devices. Using that table, the access point uses MAC addresses to send data to the correct locations, acting as a bridge between wireless and wired protocols.

MAC Address Spoofing and Security Limitations

While MAC addresses play an important role in both wired and wireless networking, a key issue is that these addresses aren’t secret.

Readily available software can identify a device’s MAC address, giving a hacker the necessary information to spoof it. By giving their own device that same MAC address, an intruder would appear on the list of approved MAC addresses, potentially giving them access.
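One way a defender can notice a copied address on a wired network, shown as an added example that is not part of the original article: the same MAC being learned on two different switch ports within a short window. The event tuple layout, the switch and port names, and the 60-second window are assumptions; the events are constructed sample data.

```python
from collections import defaultdict

# Constructed sample of MAC-learning events: (epoch seconds, switch, port, MAC).
EVENTS = [
    (1000, "sw1", "Gi1/0/5", "F0:18:98:B2:A2:D3"),
    (1010, "sw1", "Gi1/0/7", "00:11:22:33:44:55"),
    (1030, "sw2", "Gi1/0/12", "f0:18:98:b2:a2:d3"),  # same MAC, other switch
    (1045, "sw1", "Gi1/0/5", "F0:18:98:B2:A2:D3"),
    (9000, "sw1", "Gi1/0/9", "00:11:22:33:44:55"),   # moved hours later
]


def find_mac_conflicts(events, window=60):
    """Return {mac: sorted [(switch, port), ...]} for every MAC that was
    learned on more than one port within `window` seconds."""
    last_seen = defaultdict(dict)   # mac -> {(switch, port): last timestamp}
    conflicts = defaultdict(set)
    for ts, switch, port, mac in sorted(events):
        mac = mac.lower()           # compare addresses case-insensitively
        here = (switch, port)
        for other, other_ts in last_seen[mac].items():
            # The same address active on a different port moments ago means
            # two devices are presenting it, or one device is flapping.
            if other != here and ts - other_ts <= window:
                conflicts[mac].update({here, other})
        last_seen[mac][here] = ts
    return {mac: sorted(ports) for mac, ports in conflicts.items()}


if __name__ == "__main__":
    for mac, ports in find_mac_conflicts(EVENTS).items():
        print(f"{mac} seen concurrently on {ports}")
```

A device that is unplugged and reconnected elsewhere long after its last sighting, like the second address in the sample, is not flagged; wireless clients that roam between access points need a different baseline.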

Additionally, it’s now relatively common to use software that randomizes MAC addresses with every network connection; for example, this is standard on most smartphones. MAC randomization reduces the reliability of static MAC filtering because device addresses may change per SSID or session.
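The address structure described earlier and the randomization issue above can both be read from the address itself. The following added example (not code from the original article) parses a MAC address, splits it into OUI and NIC halves, and checks the two flag bits in the first octet; the function names and the risk labels are assumptions made for illustration.

```python
import re

_HEX12 = re.compile(r"^[0-9a-f]{12}$")


def parse_mac(text):
    """Parse F0:18:98:B2:A2:D3, f0-18-98-b2-a2-d3 or f018.98b2.a2d3.
    Raises ValueError if the input is not a 48-bit address."""
    digits = re.sub(r"[:\-.]", "", text.strip().lower())
    if not _HEX12.match(digits):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    octets = bytes.fromhex(digits)
    first = octets[0]
    return {
        "canonical": ":".join(f"{b:02X}" for b in octets),
        "oui": ":".join(f"{b:02X}" for b in octets[:3]),   # manufacturer half
        "nic": ":".join(f"{b:02X}" for b in octets[3:]),   # interface half
        # Lowest bit of the first octet: 1 = group (multicast/broadcast).
        "multicast": bool(first & 0x01),
        # Second-lowest bit: 1 = locally administered, i.e. not assigned by
        # a manufacturer. OS-generated randomized addresses set this bit.
        "locally_administered": bool(first & 0x02),
    }


def allowlist_risk(text):
    """Classify an address before it is added to a static MAC allowlist
    (labels are hypothetical)."""
    info = parse_mac(text)
    if info["multicast"]:
        return "invalid-source"   # a group address is never a real sender
    if info["locally_administered"]:
        return "unstable"         # likely randomized; may change per SSID
    return "stable"               # manufacturer-assigned format


if __name__ == "__main__":
    # First address is the article's example; the others are constructed.
    for mac in ("F0:18:98:B2:A2:D3", "da-a1-19-00-00-01", "ffff.ffff.ffff"):
        print(mac, parse_mac(mac)["oui"], allowlist_risk(mac))
```

A "stable" result only means the address has the manufacturer-assigned format; a spoofed copy of a legitimate address looks identical, so this check complements rather than replaces stronger authentication.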

Relevance and Uses for MAC Address Today

MAC addresses aren’t irrelevant. In some ways, they’re even more important than ever, given the growing number of internet-connected devices that can’t complete complex verification processes, like smart lightbulbs and connected health devices.

The key is to ensure that MAC-based access control isn’t the only line of defense. Ideally, systems add 802.1X certificates to MAC-based access control — these certificates are harder to spoof. Then, if a device can only use a MAC address, it could be segmented into an isolated area of your network, rather than given full access.

Using solutions like the JoinNow Platform from SecureW2 makes these processes easier. You can automate certificate issuance, which simplifies BYOD onboarding. And you can link MAC addresses with Cloud RADIUS to segment access into different VLANs when certificate-based authentication isn’t possible.
