Comments on: DHCP versus Static IP http://itknowledgeexchange.techtarget.com/itanswers/dhcp-versus-static-ip/ Fri, 19 Mar 2010 13:14:55 +0000 http://wordpress.org/?v=2.6.2 By: Syphun http://itknowledgeexchange.techtarget.com/itanswers/dhcp-versus-static-ip/#comment-69516 Syphun Mon, 26 Oct 2009 19:56:09 +0000 #comment-69516 I so much agree with mrdenny, the basic fact remains that DHCP is the one and only way to create less work for the network admin and as well secure your network if you know the right things to do with your GPO on the server. Static IP will only create more trouble. . . .STAY OFF IT if you can.. . . and i know you can. . . I so much agree with mrdenny, the basic fact remains that DHCP is the one and only way to create less work for the network admin and as well secure your network if you know the right things to do with your GPO on the server.
Static IP will only create more trouble. . . .STAY OFF IT if you can.. . . and i know you can. . .

]]> By: mrdenny http://itknowledgeexchange.techtarget.com/itanswers/dhcp-versus-static-ip/#comment-69434 mrdenny Fri, 23 Oct 2009 18:53:50 +0000 #comment-69434 If you have wireless networks, those network should be secured using a key through WPA or WEP key so that if random people walk up to your WiFi network with a laptop they can't connect to the network, and therefor can't get an IP address. If a corporate environment you can deploy the keys and SSID to the computer via GPO so that all company laptops can connect to the wireless without having to give the users the key. If you have wireless networks, those network should be secured using a key through WPA or WEP key so that if random people walk up to your WiFi network with a laptop they can’t connect to the network, and therefor can’t get an IP address.

If a corporate environment you can deploy the keys and SSID to the computer via GPO so that all company laptops can connect to the wireless without having to give the users the key.

]]> By: Jayaram http://itknowledgeexchange.techtarget.com/itanswers/dhcp-versus-static-ip/#comment-69362 Jayaram Thu, 22 Oct 2009 16:07:59 +0000 #comment-69362 Mrdenny, 1. A wireless device that gets within range of your wireless network equipment may be able to acquire an IP address from your router. this is for more security purpose. 2. For small networks like a home network, you can add some extra protection by turning off the DHCP, or automatic IP addressing, feature of the router and manually assigning static IP addresses. At the end the above is for more security purpose. Mrdenny,

1. A wireless device that gets within range of your wireless network equipment may be able to acquire an IP address from your router. this is for more security purpose.

2. For small networks like a home network, you can add some extra protection by turning off the DHCP, or automatic IP addressing, feature of the router and manually assigning static IP addresses.

At the end the above is for more security purpose.

]]> By: Mshen http://itknowledgeexchange.techtarget.com/itanswers/dhcp-versus-static-ip/#comment-69236 Mshen Mon, 19 Oct 2009 23:24:39 +0000 #comment-69236 Static addresses isn't the best way to do it; there is too much administrative overhead and little added security. Look into Network Access Control (NAC), Switchport security on the switch, or MAC Access-lists on the switch. Static addresses isn’t the best way to do it; there is too much administrative overhead and little added security. Look into Network Access Control (NAC), Switchport security on the switch, or MAC Access-lists on the switch.

]]> By: Sonotsky http://itknowledgeexchange.techtarget.com/itanswers/dhcp-versus-static-ip/#comment-69209 Sonotsky Mon, 19 Oct 2009 13:13:33 +0000 #comment-69209 Agreed with all responses to date. If by "security", management wants to know which IP is causing certain traffic (and by extension, which workstation), then reserved addresses in dhcp works well. Yes, it's possible for the user to change their MAC to attempt to obtain a different IP, but if the user has that much access to their workstation, then I think the network is the wrong place to be looking to improve security... Agreed with all responses to date.

If by “security”, management wants to know which IP is causing certain traffic (and by extension, which workstation), then reserved addresses in dhcp works well. Yes, it’s possible for the user to change their MAC to attempt to obtain a different IP, but if the user has that much access to their workstation, then I think the network is the wrong place to be looking to improve security…

]]> By: KevinBeaver http://itknowledgeexchange.techtarget.com/itanswers/dhcp-versus-static-ip/#comment-69204 KevinBeaver Mon, 19 Oct 2009 12:37:11 +0000 #comment-69204 I can't think of much value this would add from a security perspective. If anything it'll just create more work on the network administration side and end up increasing business risks. I can’t think of much value this would add from a security perspective. If anything it’ll just create more work on the network administration side and end up increasing business risks.

]]> By: Yasirirfan http://itknowledgeexchange.techtarget.com/itanswers/dhcp-versus-static-ip/#comment-69183 Yasirirfan Sun, 18 Oct 2009 04:44:08 +0000 #comment-69183 Yeah I agree with Mrdenny, DHCP is the best way to manage the IP address assignement, if you are using Static IP address then you have to document them so that no duplication occurs. As far as Management devices such as Servers, Switches , routers and access points are concerned static IPs are recommended. Yeah I agree with Mrdenny, DHCP is the best way to manage the IP address assignement, if you are using Static IP address then you have to document them so that no duplication occurs. As far as Management devices such as Servers, Switches , routers and access points are concerned static IPs are recommended.

]]>