I recommended a VPN'd wifi solution today. We'll see if that's where the network teams agrees we should go. On 11/9/05, Evan Mann <emann@xxxxxxxxxxxxxxxxxxxxx> wrote: > > It's popular to setup a dedicated VLAN for guest, and using policy based > routing to make that VLAN be able to access the internet only. It's easy to > do, but requires you have the ability to setup VLAN's and do policy based > routing > ------------------------------ > *From:* thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] *On > Behalf Of *Steve Greenberg > *Sent:* Wednesday, November 09, 2005 12:02 PM > *To:* thin@xxxxxxxxxxxxx > *Subject:* [THIN] Re: Way OT: Vendor access equipment on your internal > networks > > I have seen a number of companes who setup a separate WiFi or wired > network for outside access and make it available to certain areas such as > the conference rooms........ > > Steve Greenberg > Thin Client Computing > 34522 N. Scottsdale Rd. suite D8453 > Scottsdale, AZ 85262 > (602) 432-8649 > (602) 296-0411 fax > steveg@xxxxxxxxxxxxxx > > > ------------------------------ > *From:* thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] *On > Behalf Of *Michael Pardee > *Sent:* Wednesday, November 09, 2005 9:57 AM > *To:* thin@xxxxxxxxxxxxx > *Subject:* [THIN] Way OT: Vendor access equipment on your internal > networks > > I'm curious how others are handling this. We are seeing more and more > external parties (Vendors, Auditors, etc.) that want to plug their equipment > in to our internal networks. Usually it is just to do some kind of > presentation. Here at our data center we have an external DSL line that we > just move from conference room to conference room and that gets them > internet connectivity without them touching our internal networks. > Lately these requests have come from remote locations that don't have > much infrastructure other than thin clients and network ports. No DSL at > those sites at all. > How are you handing this kind of issue when someone from outside > needs/wants to plug in to get network connectivity? A vendor presentation is > one thing but auditors can live on site for months and, more recently, want > to bring their own file server with them. > We check to make sure they have AV software, that it is running, and that > the DATs are current, but that won't prevent someone from running a sniffer > or password cracker on the network. > We are working with the network team to fence them of using VPNs but I > thought I would ask how others are handing this situation. > Thanks in advance. > Mike. >