How can I lock down a user's laptop so that he can not connect to another LAN via the NIC? We are using DHCP not static IP addresses.
I question the reason for preventing users to connect to other networks, though. Mobile computing necessarily involves connecting to other networks, such as connecting to the Internet to check mail. My primary concern would be a user connecting to another network that's outside of the firewall, and as a result, getting a worm or virus infection. To prevent this problem, I recommend that you configure Internet Connection Firewall on the laptop. For that matter, when Windows XP Professional Service Pack 2 ships, it'll include an improved firewall, called Windows Firewall. This version of the firewall will be more manageable via Group Policy, so it might address your concerns.
This was first published in April 2004