How can I monitor if someone is trying to connect a laptop or other device to my network drop?
And if someone connects their laptop, how would I find out which network drop and switch port they are connecting from?
Is there a way that I can differentiate between the systems in my network and other outside laptops (apart from MAC address)?
QUESTION POSED ON: 11 JUL 2006
QUESTION ANSWERED BY: Mike Rothman
I would suggest looking at a technology called 802.1x to provide the authentication to your wired networks. 802.1x is most commonly thought of as a wireless technology, but many of the later-generation switches support it and allow you to use a RADIUS server to do the authentication. Many of the NAC (network access control) solutions can utilize 802.1x as a means to enforce who can access the network at the switch level.
Again, depending on the nature of your switch, you should be able to tell which device potentially failed an authentication and then either kick them off the network or put them on a quarantined VLAN, depending on what your policy is.
MAC address is certainly one way to tell a "known" device vs. an unknown device, but I'm not partial to any technique. Depending on which NAC and/or LAN security solution is chosen, you'll be able to distinguish between stuff you know and stuff you don't.
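As an added illustration (not part of the original answer), the sketch below shows how failed 802.1x authentications recorded by a RADIUS server can be mapped back to the switch and port they came from. The log line layout is an assumption modelled on FreeRADIUS-style auth log lines; the switch names, MAC addresses and the known-device inventory are constructed sample data.

```python
import re
from collections import defaultdict

# Constructed sample lines; the layout is an assumed FreeRADIUS-style auth log.
SAMPLE_LOG = """\
Tue Jul 11 09:02:11 2006 : Auth: Login OK: [jsmith] (from client sw-floor1 port 7 cli 00-11-22-33-44-55)
Tue Jul 11 09:05:40 2006 : Auth: Login incorrect: [guest] (from client sw-floor2 port 14 cli 00-AA-BB-CC-DD-EE)
Tue Jul 11 09:05:52 2006 : Auth: Login incorrect: [guest] (from client sw-floor2 port 14 cli 00-AA-BB-CC-DD-EE)
Tue Jul 11 09:07:03 2006 : Info: Ready to process requests.
Tue Jul 11 09:09:30 2006 : Auth: Login incorrect: [jsmith] (from client sw-floor1 port 7 cli 00-11-22-33-44-55)
"""

# Hypothetical inventory of MAC addresses belonging to managed systems.
KNOWN_MACS = {"00-11-22-33-44-55"}

# "client" is the switch (the RADIUS NAS), "port" its switch port,
# "cli" the calling station, i.e. the MAC of the device that was plugged in.
LINE_RE = re.compile(
    r"^(?P<ts>.+?) : Auth: Login (?P<result>OK|incorrect)[^\[]*"
    r"\[(?P<user>[^\]]*)\] \(from client (?P<switch>\S+) "
    r"port (?P<port>\d+)(?: cli (?P<mac>[0-9A-Fa-f:.-]+))?\)"
)

def failed_auth_by_port(log_text, known_macs=KNOWN_MACS):
    """Return {(switch, port): {"failures": n, "macs": set, "unknown_macs": set}}."""
    known = {m.upper() for m in known_macs}
    report = defaultdict(lambda: {"failures": 0, "macs": set(), "unknown_macs": set()})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["result"] != "incorrect":
            continue  # skip non-auth lines and successful logins
        entry = report[(m["switch"], int(m["port"]))]
        entry["failures"] += 1
        mac = (m["mac"] or "").upper()
        if mac:
            entry["macs"].add(mac)
            if mac not in known:
                entry["unknown_macs"].add(mac)
    return dict(report)

if __name__ == "__main__":
    for (switch, port), e in sorted(failed_auth_by_port(SAMPLE_LOG).items()):
        flag = "UNKNOWN DEVICE" if e["unknown_macs"] else "known device"
        print(f"{switch} port {port}: {e['failures']} failed auth(s), "
              f"{sorted(e['macs'])} [{flag}]")
```

The switch and port pair identifies the network drop to investigate or move to a quarantined VLAN; the MAC comparison is only a hint, since the authentication result is what actually separates managed systems from outside devices.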