I have been tasked with researching possible ways to setup a policy based network. Our network is seeing more and more corporate visitors and currently they are given an ethernet cable and off they went. We are on an NT domain that is locked down quite tightly, however would like to take it a step further by limiting guest access to port 80 only (possibly 110, 25, etc) no matter what physical port they are connected with. Eventually, I would also like to be able to restrict network access even for authenticated users that do not have current virus DAT files. However, that's down the pipe yet.
Thanks for the suggestions,