How can I lock down a user's laptop so that he can not connect to another LAN via the NIC? We are using DHCP not static IP addresses.
If you configure the computer to use DHCP, then preventing a laptop user from connecting to other LANs is difficult. I won't say it's impossible, but I don't know how to do it. If someone else has a solution, please send it to me and I'll post it.
I question the reason for preventing users to connect to other networks, though. Mobile computing necessarily involves connecting to other networks, such as connecting to the Internet to check mail. My primary concern would be a user connecting to another network that's outside of the firewall, and as a result, getting a worm or virus infection. To prevent this problem, I recommend that you configure Internet Connection Firewall on the laptop. For that matter, when Windows XP Professional Service Pack 2 ships, it'll include an improved firewall, called Windows Firewall. This version of the firewall will be more manageable via Group Policy, so it might address your concerns.
Related Q&A from Jerry Honeycutt
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.