Anonymous access to the campus network presents a serious threat to the Texas A&M campus network and every machine attached to it. This applies to both publically available machines with network access, and departmental DHCP connected hosts with no user verification procedures. Access to a network connected host should only be provided if the user is able to be identified.
User authentication ensures that the person is authorized to use the university's resources and makes identification possible in the case of illegal or malicious activity.
For administrators who maintain departmental DHCP servers, there are options that allow for user identification. A database of MAC addresses can be kept that can be tracked to a specific location/person. The DHCP server can be configured to allow only known MAC addresses to connect to the server. Login ID's and passwords can be required when connecting. All departmental administrators who deploy a DHCP server should follow the Departmental DHCP Server Requirements.
For publically available machines, there are also options for authentication. Machines can be provided that require NetID and passwords for TAMU individuals. For non-TAMU users, guest login and passwords can be used. Please visit the TAMU Guest Accounts page for further information on providing this service. Also, place these publically available machines in locations that are very public and allow for observation. Lastly, if possible, remove un-needed services (ie... email, web browsers) from these machines so they cannot be used for illegal/malicious activity.
The advantage to user authentication is being able to identify a machine when it becomes infected, or is suspected of some type of malicious or illegal activity. Also, if a machine is ever stolen, we can attempt to locate that machine based on the MAC address provided if it communicates on our network. Having a record of known MAC addresses would allow you to provide this information to us.