Avatar of Thlware
 asked on

Network Restrictions


I have this technologies in my enviroment DHCP(windows Server), Checkpoint, Cisco Access switch 3550, AD 2008.

I have an issue, any machine can be plugged on the network and DHCP will dish out an IP for that machine and that machine will have access to the network the only thing that can stop that person to have access is credentials in some cases by luck if they get the IP that have access to the internet automatically have access to the internet.

I need to know with the tools i have can i control this network access or we need to investigate another tool that can control access to our network.

Basically we looking at something that will make the PC usless after giving an IP only us we can start giving it privilleges up on request. Or maybe getting meseare from the DHCP server to meet certain criteria before dishing out IP adress, Please advice.
Microsoft Legacy OSMicrosoft Server OSWindows Server 2008

Avatar of undefined
Last Comment

8/22/2022 - Mon

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question

If I'm understanding the question correctly, what you need is a means of controlling who can access which resource, including the internet.

Windows Server 2008 already has the tools to enable you to define user access rights and privileges. For example, you can set up and configure user groups with the a particular set of rights and privileges, and just add users requiring that set to that group. This is the simplest scenario though; when you have users in multiple groups things can get complicated...

Internet access can be controlled by your firewall or even your switch; the Checkpoint unit will probably allow access schedules to be set based on IP or MAC addresses.

dot1x authentification with cisco is the answer
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.