Re: prohibiting visitors from connecting to network

[Kelly Lucas <lucaskeli () fastmail fm>]

802.1x security should prevent this, as it requires the registration of 
every MAC address before network access is allowed.

Cesar Diaz wrote:

> List:
>
> My company is looking for a way to prohibit visitors
> to our offices from connecting a laptop to a network
> port and gaining access to our network.  We have
> policies in place prohibiting employees from allowing
> this, and have network jacks in our conference
> roomsthat are on a seperate VLAN that allows only
> access to the Interent.  We still have problems with
> visitors connecting to the network.  In one case an
> infected laptop started spreading a virus in the
> network.
>
> Our network is W2K based and uses DHCP running on a
> W2K server.  We do have some Unix and Linux boxes.
>
> What I'm looking for is a way to secure DHCP so that
> only our laptops/workstations can get a DHCP address. 
> I was thinking of something like EAP used for remote
> access with certificates to keep computers without a
> certificate from receiving an IP address, but I can
> find any information on implementing this.
>
>
> Any ideas, resources or comments are welcome.
>
> Thanks,
>
> Cesar
>
>
>                 
> __________________________________ 
> Yahoo! Music Unlimited 
> Access over 1 million songs. Try it free.
> http://music.yahoo.com/unlimited/
>  


--
Kelly D. Lucas
lucaskeli () fastmail fm