Seperating Mobile Devices for pattern update

[RA Henrik Becker <RA.Becker () henrikbecker de>]

Hi there everybody!

After reading on for quite some time I now have a question, too.

I am thinking about a (secure) way to seperate mobile devices before letting
them into the LAN for virus pattern update.

What I am looking for is any information or best practice to do so.

Example: If an employee comes back to office after e.g. a 21 day trip, his
virus patterns (and maybe other information) might be outdated. So you don't
want him in your office LAN until his laptop updated the pattern information
and scanned the system.

I was thinking towards giving him an IP from a different range until
scanning is complete (eg. 1st 10.0.0.30, after scanning 192.168.0.30).

That way any malware can't infiltrate the LAN from the mobile device.

Any hints to reading, books, info etc are greatly welcome. Coz ... a proven
way to do so also ... ;-)

Thanx in advance!

Viele Grüße / Best regards,

Henrik Becker