• I agree with Mr.Anoop. We use the Mac binding for all the devices for any network connectivity and allowing any resources including hardware, software, information assets accesses after due authentication.

  • what  I have done is profiled assets which are stationed, introduced Network Admission control technology, profiled all assets owned by the company, registered them with their mac addresses, exceptions are listed. So any machines connecting the network will be challenged against mac address register and provide eligible network or isolate them. On other hand, published all internal application and services over remote access VPN with multifactor authentication, so that any isolated personal devices(BYOD) can access such application over VPN with access filter. i.e.. such machines are updated, patched and endpoint protection s enabled.



This reply was deleted.