Re: How Do I Keep Private Computers Off of Our Network?

That'll fix their wagons!
<g>
--
/kj
"razor" <razor@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:1F238A6A-D7E6-49A8-B4E5-ABB728946ACD@xxxxxxxxxxxxxxxx
Yes, I was thinking the same thing. I took a look at Cisco's NAC and we
are
going to get a quote. It might be overkill, but our switches are not
managed--we went with low-cost SMCs.

Thanks,

sd

"kj" wrote:

Kinda in the middle. If your switches are managed and have 802.1x
capability, I'd look into using that.

A lower end would be to use reservations for all the 'authorized'
workstations and a special scope for those occasional walk-in devices.
This
method would only discourage the casual abuser and adds some
'maintenance'
work for the admin.

If you really need to lock it down then Network Access Control through
quarantine is needed. Microsofts next server version is supposed to
implement a version of this and third parties offer solutions today.

--
/kj
"razor" <razor@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:835A07D7-391C-430A-8960-9CDC64E66D33@xxxxxxxxxxxxxxxx
About 100.

"kj" wrote:

I suspect a viable solution would depend upon the scale of your
environement. How many workstations & locations do you have?

--
/kj
"razor" <razor@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:90D42BA3-F201-434D-AA45-7BCE5531123B@xxxxxxxxxxxxxxxx
Ah, thanks. I just stumbled across the fact that somone had done
this.
I
am
not sure how I can set up some kind of an alert if they try it
again--other
than just checking every day.

sd

"kj" wrote:

If you have managed switches you can in most cases restrict their
ability
to
connect to the network.

When you determine the MAC address of the personal laptop and you
are
using
DHCP, you can set up a "Reservation" that gives the laptop totally
bogus
lease values and discourage future use. 802.1x is the effective
method
for
this, but time consuming to setup and hardware capable dependant.

--
/kj
"razor" <razor@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:92848A13-4227-4EB3-98C3-2E27C6D1A9D1@xxxxxxxxxxxxxxxx
Thanks. This is an employee that has done this arleady, and we
are
trying
to
locate them if they do it again. What we believe is happening is
that
they
are using their business computer's wired connection to connect
their
personal laptop. I was just wondering if they did it again if
there
was
a
way
to trace where the connection took place?

sd

"Al Mulnick" wrote:

NAC is a term that is often bandied about when trying to do
this;
have
a
look for that term and check with your network vendor to get
more
details.
Controlling ethernet drops (or token ring for that matter) at
the
wall
plate
by leaving them all off unless otherwise instructed has worked
fairly
well
for many but doesn't preven the really dedicated from unplugging
one
and
then introducing the next. Using secured wireless networks is
helpful
but
users sometimes have a tendency to find out the ssid and giving
it
out;
they
should be shot but there are apparently some laws against that.
(I'm
kidding
although penalties should be stiff.) Those kinds of things
prevent
people
from connecting to your network.

Al

"razor" <razor@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:586908AB-9C45-4C6B-B00E-CEFB0CC0FEEE@xxxxxxxxxxxxxxxx
Hello--

I was going through some routine systems managment when I saw
that
someone
had connected a personal computer to our network--where it
created
an
unrecognized workgroup name.

We sent out an email instructing everyone not to do this in
the
future,
but
wondered if there are any monitoring or other utilities that
we
can
implement
that will notify us when this happens again, and what
instructions
we
can
use
to take some action...

Any ideas or help is appreciated.

Thanks,

sd














.

Relevant Pages

  • Re: How Do I Keep Private Computers Off of Our Network?
    ... connect to the network. ... When you determine the MAC address of the personal laptop and you are ... are using their business computer's wired connection to connect their ... We sent out an email instructing everyone not to do this in the ...
    (microsoft.public.windows.server.active_directory)
  • Re: How Do I Keep Private Computers Off of Our Network?
    ... connect to the network. ... When you determine the MAC address of the personal laptop and you are ... are using their business computer's wired connection to connect their ... We sent out an email instructing everyone not to do this in the ...
    (microsoft.public.windows.server.active_directory)
  • Re: How Do I Keep Private Computers Off of Our Network?
    ... connect to the network. ... When you determine the MAC address of the personal laptop and you are using ... are using their business computer's wired connection to connect their ... We sent out an email instructing everyone not to do this in the future, ...
    (microsoft.public.windows.server.active_directory)
  • Re: How Do I Keep Private Computers Off of Our Network?
    ... If you really need to lock it down then Network Access Control through ... When you determine the MAC address of the personal laptop and you are ... are using their business computer's wired connection to connect ... We sent out an email instructing everyone not to do this in the ...
    (microsoft.public.windows.server.active_directory)
  • Re: How Do I Keep Private Computers Off of Our Network?
    ... A lower end would be to use reservations for all the 'authorized' ... If you really need to lock it down then Network Access Control through ... are using their business computer's wired connection to connect ... We sent out an email instructing everyone not to do this in the ...
    (microsoft.public.windows.server.active_directory)