[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

Laptop Secuirty in Internal Network

Posted on 2006-06-28
6
Medium Priority
?
252 Views
Last Modified: 2010-08-05
Hi All,

I work in a school and teachers are bringing in their laptops to my windows 2003 server network. How can I stop them from accessing the network before I have a chance to check there computers for the latest virus defs, updates, patches etc.

This is a real problem for me and I think people are unknowingly bringing viruses and other sus items into the network.

I have asked them to bring their laptops to me, but they don't, so I want to enforce locking them out or even running something that check each computer is up to date.

Please help
0
Comment
Question by:JSCHS
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 

Assisted Solution

by:v_sharing
v_sharing earned 150 total points
ID: 17007545
I've some advice:
- You use DC to manage users, use Microsoft ISA Server to allow/restrict access the Internet, LAN. Config ISA for all user who logon domain can access Internet.
- If he (have laptop) use wireless connection, you can config your access point to restrict who can use.
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17008684
How big is your network ? I mean, how many computers ?

Cheers,
Rajesh
0
 

Author Comment

by:JSCHS
ID: 17014373
250 computers

About 150 PC and about 100 Mac

Macs include OS 9, 10.2, 10.3 and 10.4
PCs include Windows 2000 Pro, XP Pro and XP Home

1 2000 Server running ISA 2000 for proxy and internet filtering
1 2003 Server for Domain Controller, DNS, DHCP, Fileserving
1 Mac 10.2 Server for Mac Management and Fileserving
10 Airports for wireless activity
Many points of access for users to plug laptops in
0
 
LVL 32

Accepted Solution

by:
rsivanandan earned 1350 total points
ID: 17015677
One way to go about would be to lock them based on their MAC addresses. I mean, create a dhcp reservation for all the clients with mac address specified. But I'm sure you don't wanna go this way since it involves a lot of configuration time and also whenever a network card is changed, you'll have to change the entry in the dhcp server.

There are third party softwares available I believe. But couple of considerations that can be taken are;

1. Have a strict password policy and 'Acceptance policy'. Make them understand that they are responsible for what they do/bring in.

2. A Centralized antivirus solution would be good so that the updates can be done automatically.

3. Set a standard for the laptops (minimum requirements etc.)

Cheers,
Rajesh
0
 
LVL 14

Expert Comment

by:FriarTuk
ID: 17015931
if they plug into a jack, how are they allowed to access your domain, without their laptops being added to your domain & them logging into it with a domain acct?

you must prevent users from being able to add pc's to your domain, & you need to setup mac filtering for authorized wireless devices only
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question