Network security

Giganews Newsgroups
Subject: Network security
Posted by:  Chris Guynn (ChrisGuy…@discussions.microsoft.com)
Date: Mon, 21 May 2007

Here's my situation.

In normal operation, my windows network resides behind a reasnably robust
firewall.  I use static IP addresses throughout my organization for an extra
layer of security (no DHCP clients).  In addition, I have employed standard
windows best practices for security throughout my organization.  Because of a
special event being held on Tuesday and Wednesday of this week I have been
forced to activate a DHCP server and allow people to use my network for
Internet connectivity.

Is there any way that I can authorize the DHCP server to distribute DHCP
addresses and then block those addresses from being able to access any of my
network resources (outside of the firewall/router)?  I'm sure it goes without
saying that the information on my network is highly confidential.

Basically, here's what I need:

Maintain the current network topography (no time to implement new
routers/etc...)
Assign addresses through DHCP to random computers attaching directly to my
network.
Block those Addresses from access to all network resources except the
internet/router.

Any help you can provide will be greatly appreciated.

By the way, I do have a reasonable understanding of technical items (MCSE
NT4), but I'm relatively new to the Windows 2000/AD world.

Chris Guynn

Replies