On Thu, Sep 30, 2010 at 9:02 PM, Heinz Teichmann
<heinz dot teichmann at wanews dot com dot au> wrote:
> If it is such a big issue a proper proxy appliance would be the way to go?!?
> Or is it a cost issue? Most enterprises I worked for used proxies for that and it worked.
Yes that's the way to properly control such things, requiring using a
proxy with authentication for all users. But going on the theme of the
rest of this thread, you could say "but then he/she can just get
someone else's credentials!"
That's why you take the approach of not trying to come up with a
bulletproof technical solution to a people problem, which is
impossible - there are always going to be ways to get around
something. If you assign a DHCP reservation, let them know they are
not authorized for web access, and the person goes to the extent of
changing their IP and/or MAC to get around restrictions you have in
place, that's generally grounds for termination.