Is there value to Wake-on-LAN? Heck yes, especially at a time when we are being asked to power off PCs for energy savings.

The risk is not that PCs will be powered on, though. The risk is that you need to enable directed IP broadcast, which can be used maliciously.

However, you can securely enable using Access Control Lists. You can limit (at the router, using ACLs) the devices (IPs) from which the router will allow and forward IP broadcasts.

Anyone managing an enterprise knows that the ability to wake up a remote device is hugely important. You just need to enable it securely...

Another tip - make sure the PC's WoL boot sequence is set the way you want it. Some manufacturers set the WoL sequence to PXE boot first, assuming that if you are waking a PC you are doing so to allow it to boot from a PXE server for system builds. This is not the case in our environment (we are waking to patch), so we need to reconfigure some devices to make the boot sequence the same as on a normal boot. Otherwise, the device will loop and look for a PXE server which it will never find...