[unisog] Computer Registration
flynngn at jmu.edu
Wed Jun 5 18:20:07 GMT 2002
Bryan McLaughlin wrote:
> Has anyone had success with a product or technique for registering computer
> before granting access University resources? We spend a lot of time tracking
> down the owner of infected or compromised computers. I would like to be able
> to easily identify the owner/location of most machines on the network, including
> roaming student laptops. How do others handle this situation.
Last week we completed our registration process for the entire campus. We
rolled our own implementation. Unregistered machines are given a restricted
IP address and name server via DHCP where every DNS resolution points to
the registration page. Certainly not meant for security like a vlan/802.1x
implementation would be but it serves its purpose....instant access to a
database containing the registered user for any IP address, machine
location, phone number, and machine type.
Its particularly helpful in the student residence areas that have been
registered since last fall.
I believe a lot of universities are using the NetReg product mentioned by
Simon in their student residence network programs. I'm not sure of the
reasons we didn't go in that direction.
One of the immediate benefits it enables is the ability to automate
notifications of vulnerabilities detected by our vulnerability scanner
and virus infections detected by our mail server.
It also enables those roaming laptops to plug-in anywhere without a
network reconfiguration due to its associated implementation of
Probably the hardest part of the field work was identifying nodes
requiring fixed IP addresses. They had a habit of popping out of the
We're now trying to decide on how often the re-registration needs to
take place and how best to accomplish it.
Security Engineer - Technical Services
James Madison University
More information about the unisog