10-02-2014 09:14 AM
I was investigating some rogue devices that are being reported by AMP and eventually found it.
Here's the situation:
The users that are renting some office space in our building have connected to our guest network (via captive portal) using the credentials we provided to them. From there, they are sharing the connection using a Windows XP (ICS) laptop then running a network cable to a WAN port on a router they have. There are roughly 7 desktop computers connected via a desktop switch.
This is bad and I don't want this to continue but I would like some feedback from the community to help my case and perhaps a work around. The upside of this is: the users (or single user in this case) fall in to the guest role and are on a seperate vlan from our staff network.
10-03-2014 12:26 PM
Are you using Clearpass? Perhaps allow some post-auth actions like session limits and/or time? Another alternative to use OnGuard to enforce that connection sharing is disabled?
If you do have Clearpass, you could create these rules for just these renters in the building and not other guests to your company
Consulting Systems Engineer - ACCX, ACDX, ACMX
If you found my post helpful, please give kudos