[unisog] NetReg Circumvention?
dan.jones at colorado.edu
Thu Sep 4 12:56:23 GMT 2003
We have had some but few enough that it does not outweigh the benefits
of hardware registration. If we did not already have hardware
registration in place I would consider starting 802.1x to provide
port-based authentication. Beyond the problem of circumventing dhcp
registration there are other drivers which make 802.1x attractive (e.g.,
requiring reauthentication is easier, authentication of the user not
hardware, web browser problems)
The downside I think is that you need to use client software to
authenticate the user (for example, I think Utah is using the 802.1x
with an Aegis client).
Brian Reilly wrote:
> For those of you who've implemented a NetReg or similar DHCP-driven
> solution for host registration, have you had many instances of users
> circumventing the process by just assigning themselves static IP
> addresses? If so, how have you addressed this issue, and are you
> considering migrating to something like 802.1x or VQP as a result?
> <reillyb at georgetown.edu>
More information about the unisog