Q

Protecting network from visiting PCs

What are companies doing about visitors that need to use their network to VPN to their own network, access the Internet for presentations or fixes, etc.? I'm leery of a visitor on my network. The PC could have a virus, or the visitor could be a spy capturing information, yet there seems to be a growing need to allow visitors on the network.

Most companies are not doing anything about this, though you are rightfully concerned. What I've recommended to companies that I have provided consulting for is the following:

  1. Disable wall jacks that do not have anything connected. System Administrators on duty can re-enable them as needed.
  2. Set up conference rooms with two sets of jacks; one set connected to the network inside the firewall, one set outside the firewall. This allows visitors to connect to the Net to do presentations without accessing the corporate network. It also allows internal presentations to be held in the same room while using the corporate network.
  3. Visitors that need to have access to the Net but also need protection by your firewall must connect only on a special subnet behind the firewall that is restricted for use by visitors. This subnet can connect to the outside, but not to any of the other internal subnets.

These restrictions limit the damage to either outside your firewall, or to a subnet that only visitors use. It prevents damage to your corporate resources.


For more information on this topic, visit these other SearchSecurity.com resources:
  • Ask the Expert: The placement of security solutions on a network
  • Best Web Links: Infrastructure and Network Security
  • Featured Topic: Network security


  • This was first published in March 2003

    Dig deeper on Network Access Control Basics

    Pro+

    Features

    Enjoy the benefits of Pro+ membership, learn more and join.

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    0 comments

    Oldest 

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    -ADS BY GOOGLE

    SearchCloudSecurity

    SearchNetworking

    SearchCIO

    SearchConsumerization

    SearchEnterpriseDesktop

    SearchCloudComputing

    ComputerWeekly

    Close