View Single Post
  #8   (View Single Post)  
Old 14th June 2014
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 6,020
Default

Yes. I thought of this because a year or two ago, someone posted here recommending that we isolate Windows platforms each to its own /30. A little lightbulb went on. And I remembered it today when EverydayDiesel described his issue.

A DHCP "fixed" address assignment is no more secure than a static IP address. There must be trust by the admin that the user will use them. If the system cannot be trusted, then the admin must select one of these three options:
  1. a VLAN must be used
  2. an isolated Ethernet segment must be deployed.
  3. the admin must reconfigure the user's workstation using a 30-pound/13-Kilo sledgehammer.
Option 3 is probably the most fun. But alas, it is also career limiting.

Last edited by jggimi; 14th June 2014 at 02:28 AM. Reason: typos. Sheesh.
Reply With Quote