Announcement

Collapse
No announcement yet.

Refusing Network Access to Clients NOT on Domain?

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Refusing Network Access to Clients NOT on Domain?

    Hello, I'm running Windows Server 2008 and wondering if there's a way to deny all network access to any clients not on the domain? The problem is we have users that bring their own notebooks to work, and don't have proper AV software, updates, web use logging, etc. We don't want them to not be able to use the network at all, we just want them to have to join the domain. Any suggestions? Even if it's a hardware solution, it's something we'd like to implement.

  • #2
    Re: Refusing Network Access to Clients NOT on Domain?

    Without network access, how will they join the domain?

    Before implementing anything, your company IT policy needs to reflect this.

    Research Network Access Protection.
    Gareth Howells

    BSc (Hons), MBCS, MCP, MCDST, ICCE

    Any advice is given in good faith and without warranty.

    Please give reputation points if somebody has helped you.

    "For by now I could have stretched out my hand and struck you and your people with a plague that would have wiped you off the Earth." (Exodus 9:15) - I could kill you with my thumb.

    "Everything that lives and moves will be food for you." (Genesis 9:3) - For every animal you don't eat, I'm going to eat three.

    Comment


    • #3
      Re: Refusing Network Access to Clients NOT on Domain?

      as Gforceindustries said - Network Access Protection is the way to do this.

      Of course, a much better way would be to not have wireless (also gets rid of those pesky iNnoyances) and ensure that you only activate network ports that should be active, and use MAC restriction on all ports, to restrict it to 1 MAC.
      Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

      Comment


      • #4
        Re: Refusing Network Access to Clients NOT on Domain?

        Originally posted by tehcamel View Post
        as Gforceindustries said - Network Access Protection is the way to do this.

        Of course, a much better way would be to not have wireless (also gets rid of those pesky iNnoyances) and ensure that you only activate network ports that should be active, and use MAC restriction on all ports, to restrict it to 1 MAC.
        This was my first idea, but the owner recently got an iPad and he's in love with the thing, so a few other people just got them too.

        Comment

        Working...
        X