I’m looking for a pragmatic way to prevent external people, using non-company laptops, to get an IP address in my corporate network if they plug them to an available, wired LAN port. Any suggestions?