At $work, we're having more and more problems with people bringing laptops etc from home and plugging them in to the network. The company policy has always been against this, but it was never really enforced. I want to change that.
I'm looking for suggestions on how I can prevent user's personal devices from functioning should they plug them into the network. Here is what I have to work with: - the MACs of the company workstations/laptops/Voip phones - Switches are 3Com Baseline 2924-pwr Plus (http://support.3com.com/infodeli/tools/switches/baseline/3Com_Baseline-Switch-2924-PWR-Plus_User-Guide.pdf) - IPs are assigned via dhcp (ISC dhcpd). Some equipment gets fixed IPs, but workstations and voip phones are plain dhcp. I stopped assigning static ips to the workstations and voip phones because it was becoming a pain to manage at 100+. However, I'm starting to wonder if I should assign all known mac addressed to a fixed range, and assign a second range by dhcp. Then when an unknown client "plugs in", they will get an IP in the dhcp range, which I should be able to block at the switch. Comments? _______________________________________________ mlug mailing list [email protected] https://listes.koumbit.net/cgi-bin/mailman/listinfo/mlug-listserv.mlug.ca
