[THIN] Way OT: Vendor access equipment on your internal networks

I'm curious how others are handling this. We are seeing more and more
external parties (Vendors, Auditors, etc.) that want to plug their equipment
in to our internal networks. Usually it is just to do some kind of
presentation. Here at our data center we have an external DSL line that we
just move from conference room to conference room and that gets them
internet connectivity without them touching our internal networks.
 Lately these requests have come from remote locations that don't have much
infrastructure other than thin clients and network ports. No DSL at those
sites at all.
 How are you handing this kind of issue when someone from outside
needs/wants to plug in to get network connectivity? A vendor presentation is
one thing but auditors can live on site for months and, more recently, want
to bring their own file server with them.
 We check to make sure they have AV software, that it is running, and that
the DATs are current, but that won't prevent someone from running a sniffer
or password cracker on the network.
 We are working with the network team to fence them of using VPNs but I
thought I would ask how others are handing this situation.
 Thanks in advance.

Other related posts: