Re: Secure your DHCP
- From: "Michael Jenkin [SBS-MVP]" <michael.jenkin@xxxxxxxx>
- Date: Fri, 03 Oct 2008 12:14:23 +0900
Hear Hear !
Larry Struckmeyer [SBS-MVP] wrote:
Hey Holz:
As everyone in this group has agreed over the years, technology is a poor
substitute for work place rules / etiquette. Given the first of your
requirements I would suggest DHCP reservations, but when you added the
guests it gets murky.
One of the problems with access to the inet on the WAN side of the router is
that if there are rouge smtp engines on those systems the ip will soon be
blacklisted and no one will take the legit company mail.
In the USA the company network is company property, as you know, so
management can and should get get it under control. A computer use policy,
strictly enforced, would go a long way, and if one or two lost their jobs
over this, it would soon set the tone for the rest of the employees.
But first management has got to let the employees know by way of a meeting
or a letter in the pay envelope or some such that things have gotten out of
control and such behavior has to stop. Followed by the written policies,
signed by each employee, etc.
As for guests, the only way I can think of for you to allow guests inet
access and not jeopardize your main inet connection would be to bring in
another one. If it were to be blacklisted for sending, at least the main
business would not be compromised. Alternatively, there may be a perimeter
device that scans for bad outgoing as well as bad incoming. None come to
mind at the moment, but others may know.
-Larry
"Holz" <none@xxxxxxxx> wrote in message
news:6kl2ffF8j28lU1@xxxxxxxxxxxxxxxxxxxxx
Anyway for me to prevent or limit who can connect and obtain DHCP address?
We have been cleaning this new client's network for the past 3 weeks.
about 70 nodes.
He has some employees that will bring their laptop to work, unplug their
station and plug the laptop for personal use!!! Let's not go into the work
environment atmosphere, we have already explained him the risks he is
facing. He claims he will start the firing shortly, however until then I
want prevent them from even obtaining a DHCP address.
I have to have large scope since he has many legitimate guests coming in
on a daily basis, and the need to use the net when they have projects and
demo to go over. I suggested that we create a secured wireless network for
the guests with a MAC address filter, but no luck, since they work
weekends and are not willing to add the MAC themselves. They just want to
plug and work.
Is there any 3rd party option to use something like MAC filter in a home
router?
I though that at the age of 50 I have already seen everything....
--
Holz
--
Michael J. Jenkin MVP - SBS, MCP, Small Business Specialist, Senior
Systems Engineer
Visit http://www.mickyj.com
.
- References:
- Secure your DHCP
- From: Holz
- Re: Secure your DHCP
- From: Larry Struckmeyer [SBS-MVP]
- Secure your DHCP
- Prev by Date: Re: Secure your DHCP
- Next by Date: Re: DNS Restrictions
- Previous by thread: Re: Secure your DHCP
- Next by thread: Re: Secure your DHCP
- Index(es):
Relevant Pages
|
Loading
