• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 164
  • Last Modified:

how can protect against a unknown computer behind the firewall

Often customers or vendors will bring there laptops in and try to connect to the Internet.   The problem is I am seldom told when this occurs and I would like to at least verify the laptop is not a threat before it is connected to the network. I have basics covered like disabling the guest account and I am aware they would not be part of the domain. But is there anything else I can do? I have looked at options  like HP's Identitiy manager but it's very expensive and a little bit of overkill.

  • 2
3 Solutions
Keith AlabasterCommented:
What is your outgoing security policy currently? Do you have a proxy server or similar between your network and the Internet?

Products such as ISA server, websense, surf control etc allow you to validate outgoing traffic through Active Directory groups for example. ie Not an authenticated user, no Internet.

MS has a 6 month trial download of the ISA2006 beta version at the moment if you wanted to give it a try.


Have you looked at Network Access Quarantine?  As described here:

Part 1 - http://www.securityfocus.com/infocus/1794
Part 2 - http://www.securityfocus.com/infocus/1799

This allows you to tightly control which machines may or may not connect to your network based on pre-defined criteria.

Hope this helps.
The laptop owners have no access to any domain shares. If your workstations are fully patched and don't offer services to the network that are flawed with exploits, than it is hard for an "outsider" to infiltrate your network, even if that laptop is a compromised wormkeeper.
New stations can be spotted by arpwatch or something similar, have Google go for arpwatch.
Keith AlabasterCommented:
Thanks jeff.

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now