Use of laptops by students within college on a w2k network

Posted on 2003-03-03
Medium Priority
Last Modified: 2013-12-04
Anyone have any suggestions on how to tighten down the security for students bringing in their laptops into the college. I am worried about students being able to run any application they like on their own machines which could adversely effect the network, or deliberate hacks. It's fine when we can control what the student can see and what apps they run, but when they've got an open playing field they could run riot! I wondered whether we could look at running with user profiles and maybe have a particular profile for network use, with a student start menu and locked out control panels etc (all the regular stuff we have on desktops). All desktops are currently W98. We use poledit to regulate what the users can see. Of course, we can't necessarily guarantee what OS the student may be running on his/her laptop - it could be anything from w95 to Linux!

Is there any out-of-the-box software that could do this job for us?
Question by:ashounsome
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Assisted Solution

MSGeek earned 100 total points
ID: 8059082
It depends on what NOS you are using.  You can accomplish a lot with ZenWorks which does not have to be in a Novell Netware environment to run.  You can also use group policies to accomplish a lot.  The biggest problem you will have with Newtork usage is bandwidth from music downloads and IM, port blocking is the next step.

You need a total solution, not one aplication.  Your solution will have to be Network Equipment based (Port blocking, access lists, statefull firewall.), Network Operating System based and workstation based.  There is no single tool to implement to accomplish this, it is a group of tools.

You have not provided enough information to describe your situation, but I would recommend enlisting a consultant in your area.
LVL 63

Accepted Solution

SysExpert earned 100 total points
ID: 8059617
Your problems and a solution could well be the size a few books.

As MSGek mentioned, you need professional help if you really intend to try to do this.

Some hints.

1) Lock down all your servers so that only specific ones can even be seen on the network.

2) Use routers to block ports that you do not want used.

3) Encrypt important data

4) If possible set required minimums for OS's connecting to your network, and use domain security.

There are no easy solutions, so make sure that your backup infrastructure and disaster recovery procedures are in place and tested !!

I hope this helps !

Expert Comment

ID: 8077639
Not the best way but you could give all the computers you manage static Ip's and turn off DHCP. There's another way involving mac addresses but thats more work than anyone would want to even think about doing.

Combination of the 2 is probably the best way DHCP with IP reservations. Depends how hard you want to work or how serious the issue is.

I would just confiscate there laptops!!
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.


Expert Comment

ID: 8247893
A login script that checks computer name (if your institution owned machines follow a naming standard) and takes appropriate action. I would be happy to help with, and may already have, a solution if you would like to pursue that type of approach.  I would paste it here, but its lengthy, and code never comes out right in these windows.

Expert Comment

ID: 9070813
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1 
Post your closing recommendations!  No comment means you don't care.

Expert Comment

ID: 9083695
ashounsome... what's with the grade of C?? you did not provide any more feedback or get more specific with your question... a aquestion I might add that one could easily write a book about!  Respectfully, MSGeek.

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Users of Windows 10 Professional can disable automatic reboots using the policy editor. This tool is not included in the Windows home edition. But don't worry! Follow the instructions below to install (a Win7) policy editor on your Windows 10 Home e…
Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question