[unisog] NetReg Circumvention?

Dan Jones dan.jones at colorado.edu
Thu Sep 4 12:56:23 GMT 2003


We have had some but few enough that it does not outweigh the benefits 
of hardware registration.  If we did not already have hardware 
registration in place I would consider starting 802.1x to provide 
port-based authentication.  Beyond the problem of circumventing dhcp 
registration there are other drivers which make 802.1x attractive (e.g., 
requiring reauthentication is easier, authentication of the user not 
hardware, web browser problems)

The downside I think is that you need to use client software to 
authenticate the user (for example, I think Utah is using the 802.1x 
with an Aegis client).

Brian Reilly wrote:
> For those of you who've implemented a NetReg or similar DHCP-driven
> solution for host registration, have you had many instances of users
> circumventing the process by just assigning themselves static IP
> addresses?  If so, how have you addressed this issue, and are you
> considering migrating to something like 802.1x or VQP as a result?
> 
> Thanks,
> 
> Brian
> --
> <reillyb at georgetown.edu>
> 
> 




More information about the unisog mailing list