• Creator
  • #2138897

    Non domain computer network access.


    by kirk.roberts ·

    what do people use to prevent network access to non domain computers? everyone that visits our offices wants access to the internet. most of the time i can check out their computers for upto date virus protection and then allow them to connect to the network but some people just come in and plug in there computers without asking. is there a program or hardware device that would prevent unauthorized connections?

All Answers

  • Author
    • #2883400


      by kirk.roberts ·

      In reply to Non domain computer network access.


    • #2883391

      Depending on the size of the network…

      by smartacew0lf ·

      In reply to Non domain computer network access.

      Running on the assumption that those you speak of that ‘come in and plug in their computers’ are doing so by utilizing an R45 drop somewhere within the building, I imagine your best bet would be to use MAC address filtering on the router. Were we speaking of Wireless access this would be easily effected by locking down the wifi portion of the network. (A thing that should be done already if it is not currently) There are other considerations requiring proper hardware and considerable expense.
      Would help to know the number of nodes on the LAN, the types of operating systems attached to the LAN and make/model of router used within the network.

    • #2883364

      Simple and rough

      by kermit1 ·

      In reply to Non domain computer network access.

      Disable all ports on router that are not in use and enable them when you allow access to that particular port, or enable access based on MAC on all ports.
      I guess that you have DHCP, change that to fixed IP so anyone who want access to your network should now IP and subnet.

      All of that depend on how large your network is.

      Solution is not elegant, but will do the job.

    • #2883326


      by jpelectron ·

      In reply to Non domain computer network access.

      VLANs is how you accomplish this.

      Put a public/guest wireless access point, and some physical network ports in the lobby/common area – all memebers of a separate VLAN, make this VLAN route to the Internet and nothing else – thus protecting your network from foreign machines.

Viewing 3 reply threads