Re: How to block unauthorized network connections?
- From: "Gregg Hill" <bogus@xxxxxxxxxxx>
- Date: Wed, 14 Mar 2007 17:54:03 -0700
I think the managed switch is the best solution overall. Even if someone
plugs into a jack, it will do nothing unless the MAC address is authorized
on the port.
I am looking for a solution that can be used elsewhere, not with just this
one client, and the managed switch can be scaled beyond the 15-user client.
Thank you for all the suggestions! At least I know that SBS cannot do it
natively.
Gregg Hill
"SteveP" <SteveP@xxxxxxxxxxxxxx> wrote in message
news:A59A3F53-613C-4131-848D-9290E012FB91@xxxxxxxxxxxxxxxx
I don't believe you can stop them from plugging in and connecting to the
internet. They will not be able to access your servers because their
laptop
isn't joined to the domain.
A clever user can even print to your printers if they know how to add a
printer and download the printer drivers from the internet.
You only have 15 users on the network. Why not just assign them static IP
addresses and block the rest of the IP address range?
Then nobody gets on unless you put a static IP address on their machine.
--
Thanks, Steve
"Gregg Hill" wrote:
The client in question wants to install SBS, but does not want Premium. I
want to stop the rogue laptops or APs from even getting a DHCP assigned
address. I could do that with the managed switch at an old client.
No, the laptop is not on the domain in this case. It is just a worker
bringing in his own system, but he does have a domain account for his
desktop. Fifteen total workstations on an NT4 domain.
Gregg Hill
"Steve" <newsgroup@xxxxxxxxxx> wrote in message
news:%2375SOKmZHHA.1400@xxxxxxxxxxxxxxxxxxxxxxx
Do you have PE with ISA 2004 installed? How many total client computers
are there that are "authorized" to have access? Do these laptop users
have
valid accounts to login to the SBS?
"Gregg Hill" <bogus@xxxxxxxxxxx> wrote in message
news:OJi5zBlZHHA.4220@xxxxxxxxxxxxxxxxxxxxxxx
Hello!
Many moons ago I managed an NT4 domain that had a managed switch on it
and I could use that switch to enter the MAC addresses of systems
allowed
to connect to the network.
Now I have a new client who wants to use SBS 2003 R2 and he has a
problem
with people bringing in a laptop and slapping it on the network. Shy
of
beating those users to death, is there a way within SBS to only allow
network connections, i.e., DHCP addresses, from being handed out to
anything but approved systems?
I would like to prevent the occasional person who pops his own AP on
the
network to connect a laptop, or who just plugs in the laptop or other
system. I know I can use a managed switch, but I am wondering if SBS
has
any native feature to do it.
Thank you for your help!
Gregg Hill
.
- References:
- How to block unauthorized network connections?
- From: Gregg Hill
- Re: How to block unauthorized network connections?
- From: Steve
- Re: How to block unauthorized network connections?
- From: Gregg Hill
- Re: How to block unauthorized network connections?
- From: SteveP
- How to block unauthorized network connections?
- Prev by Date: Re: SBS 2003 - prevent remote shutdown
- Next by Date: Re: System Volume Information Folder
- Previous by thread: Re: How to block unauthorized network connections?
- Next by thread: Re: How to block unauthorized network connections?
- Index(es):
Relevant Pages
|
