RE: [ActiveDir] Secure DHCP

[Ruston, Neil]

Title: Message

MS has an offering named Quarantine Control which can be used to control RAS clients but this (today) does not apply to non-remote clients.   The following article implies that plans are in motion to extend this model to include non-remote clients although you'll need to wait for Longhorn server :(   http://www.windowsitpro.com/Windows/Article/ArticleID/44129/44129.html   Cisco offers a hardware based solution http://www.cisco.com/en/US/netsol/ns466/networking_solutions_package.html (not an endorsement)     neil -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dan DeStefano Sent: 16 May 2005 15:00 To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Secure DHCP I am wondering if there is any way to secure DHCP from assigning leases to PCs that are not authorized on the domain. I imagine that this is not possible since, in order to authenticate, a PC needs an IP address. The problem is that the other day we had a rogue PC plug into our network and, though probably coincidental, our browse list was messed up afterwards. So I have been tasked with finding out if there is a way to prevent unauthorized PCs from obtaining IP leases on our network (other than disabling all jacks not in use, which is what we will be doing). If not, does anyone have any suggestions on how to prevent the above situation in the future?   _________________________   Daniel DeStefano PC Support Specialist   IAG Research 345 Park Avenue South, 12th Floor New York, NY 10010 T. 212.871.5262 F. 212.871.5300   www.iagr.net Measuring Ad Effectiveness on Television   The information contained in this communication is confidential, may be privileged and is intended for the exclusive use of the above named addressee(s). If you are not the intended recipient(s), you are expressly prohibited from copying, distributing, disseminating, or in any other way using any of the information contained within this communication. If you have received this communication in error, please contact the sender by telephone 212.871.5262 or by response via e-mail.     ============================================================================== This message is for the sole use of the intended recipient. If you received this message in error please delete it and notify us. If this message was misdirected, Credit Suisse, its subsidiaries and affiliates (CS) do not waive any confidentiality or privilege. CS retains and monitors electronic communications sent through its network. Instructions transmitted over this system are not binding on CS until they are confirmed by us. Message transmission is not guaranteed to be secure. ==============================================================================