Device Reporter and Disabler

[brogalski () bkrservices com]

All, 

I am looking for some feedback. Our large financial company does some transactional processing via vendor and client 
connections. The medium for one in paticular is still dial-up (if you can believe that) and the data is deemed high 
risk. The only reason we still process the data in this manner is because of the vendor. The configuration we would 
like to implement is a kiosk machine with no physical layer access to our LAN. We want to report, audit and disable 
devices being attached to prevent possible threats being sneakernetted to the LAN. 

I will also be investigating shutting the USB off in the BIOS, protecting it with a password and removing the CDROMs. 
The OSes will be XP. In the meantime does anyone have any thoughts on products with which they have had success?

Thanks