Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: prohibiting visitors from connecting to network

From: Kurt Buff <kurt.buff () gmail com>
Date: Mon, 17 Oct 2005 16:17:27 -0700
Cesar Diaz wrote:

List:

My company is looking for a way to prohibit visitors
to our offices from connecting a laptop to a network
port and gaining access to our network.  We have
policies in place prohibiting employees from allowing
this, and have network jacks in our conference
roomsthat are on a seperate VLAN that allows only
access to the Interent.  We still have problems with
visitors connecting to the network.  In one case an
infected laptop started spreading a virus in the
network.

Our network is W2K based and uses DHCP running on a
W2K server.  We do have some Unix and Linux boxes.

What I'm looking for is a way to secure DHCP so that
only our laptops/workstations can get a DHCP address. 
I was thinking of something like EAP used for remote
access with certificates to keep computers without a
certificate from receiving an IP address, but I can
find any information on implementing this.


Any ideas, resources or comments are welcome.

Thanks,

Cesar


This should provide some beginning thoughts for you...

Beware the wrap:

http://www.networkworld.com/news/2005/101705-cisco.html?nltxc=1017ciscoalert1&code=nlciscoalert8958
Previous By Date Next
Previous By Thread Next

Current thread: