Solved

Another DHCP server (rogue, illegal) joined to network, the valid DHCP server stopped. How to avoid this?

Posted on 2015-01-13
7
275 Views
Last Modified: 2015-01-13
This is a Microsoft Small Business Server 2011 domain network.
A client connected their equipment (running Linux, DHCP server enabled) to our network. Because of this, "DHCP Server service" on SBS2011 stopped.

How can we avoid this in the future?

Thanks!!
0
Comment
Question by:techcity
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 56

Accepted Solution

by:
Cliff Galiher earned 300 total points
ID: 40547037
In general, it is difficult to use technology to prevent people from breaking policies. That is more of an HR issue. Take copying files, for example. If someone wants to do it, you can block USB drives, and they'll use their cellphone to take pictures.

But if you want to spend the money, a smart switch can block DHCP per-port. You can go further and block devices by MAC address or use 802.1X. Smart switches are definitely more expensive per port than unmanaged switches though, so be prepared for it.
0
 
LVL 53

Assisted Solution

by:Will Szymkowski
Will Szymkowski earned 100 total points
ID: 40547049
Any ports that are not being used should always be in a disabled state on the switch to avoid them plugging in any devices.

Will.
0
 
LVL 10

Assisted Solution

by:Walter Padrón
Walter Padrón earned 100 total points
ID: 40547071
@Will Szymkowski i agree, but this doesn't avoid to unplug a device and plug another.

@techcity you can set an isolated network for your clients or put a router/smart switch between the client network and the internal network.
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 40547076
Your clients should never be plugging into the same production network. Typically I would setup some sort of Guest Wifi for clients to connect to and have all physical port connections disabled unless otherwise needed.

Easy to isolate and low cost.

Will.
0
 
LVL 1

Author Comment

by:techcity
ID: 40547102
Thanks to you all for the prompt comments!
The idea about smart switches sounds great. We have a main switch and a few sub-switches, all of them are unmanaged ones. Should I replace all of them with smart switches or just the main switch?
0
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 40547161
My personal stance is that with modern threats, a managed switch is essential for any type of network management. From integrating with an IPS to forensics during and after an event to simple troubleshooting (broadcast storms, etc), a managed switch saves so much time so quickly that the ROI is rapid. I don't recommend unmanaged switches anywhere anymore.
0
 
LVL 1

Author Closing Comment

by:techcity
ID: 40548215
Got it. Thanks again!
0

Join & Write a Comment

The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now