Re: Firewall with MAC address ACL that is dynamic


comp.security.firewalls archive


From: speeder <no.spam@invalid.com>
Date: Thu Sep 29 2005 - 03:00:12 CEST

On 28 Sep 2005 10:06:52 -0700, "bjriffel@ho__tmail.com"
<bjriffel@hotmail.com> wrote:

>Well we HAVE to do something. Not ALL students have antivirus
>installed, or don't update it regularly. We don't have the staff to
>visit each machine to check for these things.
>
>The problem is, that last spring our ISP was 2 days away from closing
>our connection due to virus activity and traffic coming from our
>network. Would it be better for us just to set up snort or something
>on that network to detect virus/trojan activity? Then we would just
>record the MAC address of the infected machine, and disable their port
>on the Cisco switch? Then what..... tell the student they aren't
>allowed back on until what? We would still have to go check their
>machine wouldn't we? I'm really new to the University IT field (I
>worked in healthcare before and didn't have to worry about students'
>rights). We get the McAfee cheap (like $1.25 each) for students
>because of our site license for the campus network.

Just on a side note, whatever you do, make sure you anticipate it with
some sort of communication campaign. Explain the problem, what is the
plan to correct it and what are the consequences of not complying.
Give time for them to digest it all and implement it in phases.

You are dealing with people, not computers. Education is really what
students need (backed by firm policies). By creating a healthful
relationship with your user base I'm sure you'll be closer to success
and contributing to their development to becoming responsible adults.
Received on Thu Sep 29 20:11:11 2005