Posted by Roger Abell [MVP] on March 23, 2006, 2:45 am
NAP (quarantine) and 802.1x are current avenues for
keeping networks used by only desired machines/devices.
Also, look into the domain isolation with IPsec guidance
so that only domain machines can access each other.
> Dear all,
>
> Is it possible to filter unknown device to attach network?
>
> Our network is connected with a variety of sites by optical fiber and VPN. In
> some locations, we are unable to know users' behavior. I found that some
> unknown devices are plugged into the network. I guess it could be the
> portable machines, owned by those remote users, that are plugged into the
> network for some reason....
>
> It is REALLY a security issue!
>
> 1.) Those machines can be used to steal our protected data as well as how
> many the user can reach. Even though I have protected the network by restricting
> all workstations with user rights, software restriction policy and disabling USB
> devices, it is still unable to protect from this vulnerability.
>
> 2.) If it is driven into the worst circumstance, where those portable machines
> are infected with a network worm and our workstations/servers are not
> updated with the latest patch, the result could be absolutely
> unpredictable!
>
> So, I want a solution to filter all unknown devices from plugging into our
> network. Is it possible?
>
> Thanks,
> Keith
>