Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Static vs. dynamic dhcp assigned addresses

From: Russ Leathe <Russ.Leathe () GORDON EDU>
Date: Mon, 12 Dec 2011 19:07:38 +0000
Gordon College responses below


1.)    Static for servers, network switches, firewall or other related appliances

2.)    DHCP for all fac/staff/students - RFC 1918 address space

3.)    1 VLAN per building, 1 DHCP pool per building

4.)    We use NAC and can set policy by DHCP pool

5.)    Wireless in every building  - roaming is the only issue

6.)    Printers are static

We have been doing this for about a year.



From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Mayne, 
Jim
Sent: Monday, December 12, 2011 11:09 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Static vs. dynamic dhcp assigned addresses

TCU has always provided user's with static ip addresses using dhcp reservations. However with the flood of new mobile 
devices it is straining our ability to efficiently assign these types of ip addresses. In discussing a movement to 
dynamic addresses the issue of incident response and troubleshooting comes up.

Would others using dynamic addresses share their tactics and any estimate of added effort involved when tracking down 
issues identified by ip addresses, whether they be from external complaints, IDS logs, firewall logs etc.

Thanks,
Jim

Jim Mayne
Information Security Services
Previous By Date Next
Previous By Thread Next

Current thread: