+ 0 Votes What kind of setup do you have? ThumbsUp2 5 years ago If you tell us what you already have, it might help! What kind of server are you using? Do you assign static IP's? Are you filtering by MAC address? Or, is your system wide open and allows anything that gets plugged into it to be assigned an IP? + 0 Votes For right now Derek Schauland Contributor 5 years ago it allows anything plugged in... its wide open, using Windows 2003 AD.Was hoping to find the right starting point to get it moving in the right direction as we aren't doing anything today. + 0 Votes first off shasca 5 years ago You need a policy enforced to back you up. You need parameters set as to what is, and is not allowed on the company network. You don't want to lock everything down without managements buyin. + 0 Votes Then shasca 5 years ago Have a read. lotsa good advice.http://www.networkworld.com/supp/2008/100908-trendwatch-access-control.html?tc=sec + 0 Votes Thanks Derek Schauland Contributor 5 years ago I will give it a look. After I come up with some possibilities, management will be involved. If I cannot achieve the goal there is no sense in bothering them about it. + 0 Votes About Management involvement IC-IT 5 years ago I believe Shasca is referring to Management setting a Policy.The Policy either would limit or ban non-company resources from connecting to the network. It gives you the authority to enforce the rule. It also gives you a direction for implementation.Then you may take additional steps to lock down the network (or examine a quarintine solution). + 0 Votes quarantine laptops and other devices CG IT 5 years ago some of the enterprise level Antivirus solutions have quarantine capabilites. If a new client is added to the network, the AV will quarantine it until it meets the network requirements. If this is an active directory domain, by design, if the laptop is not a member of the domain, it can not access resources on the domain. Even if the user tries to log on with their account. Active Directory requires a computer account for clients to be members of the domain, therefore there is some inherent quarantine. Managed switches allow you to assign MAC addresses to a switch port. This security feature will disable the switch port if the wrong computer uses that switchport. You can also disable unused switchports. Combined, these security features can be used to make sure unauthorized computers do not gain access to the network.