Mike
There is no easy way to do this. Clients use broadcasts to discover DHCP
server and there is no authentication process in this.
This would be possible using IEEE 802.1x. "Problem" with this solution is
usually the price and technical implementation. Among other things you need
network switches that support IEEE 802.1x, clients that support it (e.g.
Windows 2000 SP4 or newer operating system) and database to check against
(e.g. active directory). Before client is allowed on the network it has to
authenticate with network switch. If the client sends valid user information
(checked against active directory) the client get e.g. DHCP assigned IP.
There are few more things you can do for safety of your network. Don't patch
all network outlets to your network. Patch only the ones in use. Implement
IPSec. Only computers that are in domain will be able to participate in
IPSec protected network (if you configure it so). So any outside computers
that would be plugged on your network would not be able to attack your
server or infect them with e.g. worms/virus.
Feel free to post back if you have any additional question.
Mike
"bbry" <(E-Mail Removed)> wrote in message
news:1a2601c49cda$9b07f4d0$(E-Mail Removed)...
> I would like to restrict my local area network
> infastructure to be alittle more secure. I would like my
> Domain controller / dhcp server to release an ip to pcs
> that are members of the domain only. Can someone tell me
> how or where to read up on this.
>
> Thanks
|
Similar Threads
Linear Mode
