Re: Firewall with MAC address ACL that is dynamic

Well we HAVE to do something. Not ALL students have antivirus
installed, or don't update it regularly. We don't have the staff to
visit each machine to check for these things.

The problem is, that last spring our ISP was 2 days away from closing
our connection due to virus activity and traffic coming from our
network. Would it be better for us just to set up snort or something
on that network to detect virus/trojan activity? Then we would just
record the MAC address of the infected machine, and disable their port
on the Cisco switch? Then what..... tell the student they aren't
allowed back on until what? We would still have to go check their
machine wouldn't we? I'm really new to the University IT field (I
worked in healthcare before and didn't have to worry about students
rights). We get the McAfee cheap (like $1.25 each) for students
because of our site license for the campus network.
Received on Thu Sep 29 20:11:09 2005