Prevent Unauthorized PCs to connect on the LAN

G

George Stoykov

Is there any way that I can prevent any "rogue" PCs to connect on the
company's domain?

I'd like to avoid people bringing their laptops or Pocket PCs and connecting
on the LAN.

Thank you!
 
J

Jon Holvoet

What you are looking for can be implemented with 802.1x:
http://en.wikipedia.org/wiki/802.1x
Of course your current infrastructure must be able to support it.

If such a solution might be too expensive, you can always turn back to
MAC-based control, but this is a solution that is far from secure, due to
the easy spoofing of MAC addresses.

--

Jon Holvoet
MCSA / MCSE Security
Comptia Security+
CISSP


"George Stoykov" <gvs@medicineforthedefense.com> wrote in message
news:uy3OZkR2HHA.2064@TK2MSFTNGP03.phx.gbl...
> Is there any way that I can prevent any "rogue" PCs to connect on the
> company's domain?
>
> I'd like to avoid people bringing their laptops or Pocket PCs and
> connecting on the LAN.
>
> Thank you!
>
 
S

S. Pidgorny

Funnily enough, MAC spoofing also allows bypassing 802.1x security on wired
networks:

http://sl.mvps.org/docs/802dot1x.htm

Go IPsec!

--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

* http://sl.mvps.org * http://msmvps.com/blogs/sp *

"Jon Holvoet" <jon.no-spam.holvoet@telenet.be> wrote in message
news:OkhPBRS2HHA.1168@TK2MSFTNGP02.phx.gbl...
> What you are looking for can be implemented with 802.1x:
> http://en.wikipedia.org/wiki/802.1x
> Of course your current infrastructure must be able to support it.
>
> If such a solution might be too expensive, you can always turn back to
> MAC-based control, but this is a solution that is far from secure, due to
> the easy spoofing of MAC addresses.
>
> --
>
> Jon Holvoet
> MCSA / MCSE Security
> Comptia Security+
> CISSP
>
>
> "George Stoykov" <gvs@medicineforthedefense.com> wrote in message
> news:uy3OZkR2HHA.2064@TK2MSFTNGP03.phx.gbl...
>> Is there any way that I can prevent any "rogue" PCs to connect on the
>> company's domain?
>>
>> I'd like to avoid people bringing their laptops or Pocket PCs and
>> connecting on the LAN.
>>
>> Thank you!
>>
>
>
 
You must log in or register to reply here.

Similar threads

P
  • Article
Copilot+ PCs expand availability with new AMD and Intel silicon
Replies
0
Views
28
Pavan Davuluri
P
P
  • Article
Update on the Recall preview feature for Copilot+ PCs
Replies
0
Views
44
Pavan Davuluri
P
W
I can't connect to wifi, missing properties in network adapter
Replies
0
Views
35
Wan Khairunisa
W
S
Need to deploy windows update to PCs connected on LAN that do not have internet access
Replies
0
Views
54
Sanchit Sahay
S
R
Windows keeps saying my log-in password is incorrect yet lets me in on my other PCs, and confirmed that I only changed the password 2 days ago!
Replies
0
Views
36
richardogden2
R
Back
Top Bottom