Click here to get back home

Security 101: Only allow access to domain computers
 HomeNewsGroups | Search | About
Login Password
Register Now!
 microsoft.public.windows.server.security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content
Subject Author Date
Security 101: Only allow access to domain computers Gaspar 10-03-2008
Get Chitika Premium
Posted by Gaspar on October 3, 2008, 8:53 am
Please log in for more thread options

This is the situation: Only computers in domain must have access to domain
resources (websites, mail, etc.).
For example, if someone connects a new notebook to my network I need to
prevent this device from using any of the corporate resouces.

Can IPSec help me on this task?
By the way, I'm using Windows 2003.

Thanks.




Posted by S. Pidgorny on October 4, 2008, 11:07 pm
Please log in for more thread options

Yes, IPsec will prevent IP connectivity from unauthorised computers.
Make sure the resources eg the Web sites, mail etc. are also configured
with ACLs that only allow access to domain users: in most cases you
mustn't count on total security of endpoint security solution, including
IPsec.

--
Svyatoslav Pidgorny, MCSE, RHCE
-= F1 is the key =-

* http://sl.mvps.org * http://msmvps.com/blogs/sp *

Gaspar wrote:
> This is the situation: Only computers in domain must have access to domain
> resources (websites, mail, etc.).
> For example, if someone connects a new notebook to my network I need to
> prevent this device from using any of the corporate resouces.
>
> Can IPSec help me on this task?
> By the way, I'm using Windows 2003.
>
> Thanks.
>
>
>

Posted by Steve Riley [MSFT] on October 29, 2008, 1:00 am
Please log in for more thread options
Gaspar, the papers on server and domain isolation will be helpful for you.

http://technet.microsoft.com/en-us/network/bb545651.aspx


--
Steve Riley
steve.riley@microsoft.com
http://blogs.technet.com/steriley
Protect Your Windows Network: http://www.amazon.com/dp/0321336437



> Yes, IPsec will prevent IP connectivity from unauthorised computers.
> Make sure the resources eg the Web sites, mail etc. are also configured
> with ACLs that only allow access to domain users: in most cases you
> mustn't count on total security of endpoint security solution, including
> IPsec.
>
> --
> Svyatoslav Pidgorny, MCSE, RHCE
> -= F1 is the key =-
>
> * http://sl.mvps.org * http://msmvps.com/blogs/sp *
>
> Gaspar wrote:
>> This is the situation: Only computers in domain must have access to
>> domain
>> resources (websites, mail, etc.).
>> For example, if someone connects a new notebook to my network I need to
>> prevent this device from using any of the corporate resouces.
>>
>> Can IPSec help me on this task?
>> By the way, I'm using Windows 2003.
>>
>> Thanks.
>>
>>
>>

Similar ThreadsPosted
How to restrict file access to Domain Computers Only August 27, 2006, 9:55 am
Prevent access to server for computers not part of domain January 22, 2007, 11:56 pm
allow non compliant NAP computers to access the internet November 15, 2008, 7:25 am
Right to add computers to a domain May 15, 2006, 5:08 am
Any way to see which computers a domain account is logged into? April 3, 2006, 11:44 am
Permissions for joining XP computers to domain July 25, 2006, 9:35 am
Domain Security Policy -> Access is denied for Administrator July 17, 2006, 7:04 am
domain access control for local user of domain computer? April 3, 2008, 5:14 pm
Domain Local Security vs Global Security vs Universal Security Groups October 16, 2006, 1:26 pm
my computers address January 15, 2006, 2:35 pm

Our other projects:

Art Dolls, Fairies and Mermaids - Sunnyfaces.net

Roy's Linux, Programming and Search Engines messages

1-Script XML SitemapXML Sitemap