Canadian Mac Forums at ehMac banner

Macs banned from the network!

6K views 46 replies 22 participants last post by  hayesk 
#1 ·
Hi all,

My network at work has banned my MacBook Pro from our network. Their reasoning is that it might be carrying an unknown virus, and so because it doesn't have their windoze virus protection program installed it's not allowed to play with the other computers. :ptptptptp Is this valid? Is there a way I can get into the network in order to get internet access without them knowing it's me (our network is wired, and I think they've shut me out based on my ip... but I'm not really clear on how it works, they've just installed iBoss and I think that's what might have somehow tattled on me)?
 
#3 ·
Mother*****s. I came across stories of this happening, but not recently. Your IT folks are morons.

Download and install ClamXav (a great, free anti-virus program). Set the preferences to automatically update preferences daily, set the ClamXav Sentry to launch on login, and set a Quarantine folder (explore all of the options, but these are the key items). Be sure to add the folders you think you need to scan (like Mail download folders, or the general Downloads folders, or even the entire HDD).

Then show your brain-dead Windows-NT-loving PepsiMax drinkin' PlayStation obsessed IT dweebs that your Mac is now protected, and tell them to remove whatever restriction they've put in place to block your machine.

I used to say that you should confront such people with facts, evidence, etc., but they're kind of like Tea Partiers. Reality doesn't square with their worldview, so it's better to just go around 'em (as legally as possible).

Good luck...
 
#4 ·
Yes it is "valid" - it is their network, not yours. They get to make the rules - even silly ones. They are responsible for maintaining the network - they have (mistakenly I agree) decided that adding a Mac to the mix is a vulnerability. Your Mac could (though it is unlikely) transport malicious code (that would not affect it in the slightest) which could then get distributed to others on the network (same as if you brought it in on a big, expensive, designed in California USB key.)

Installing ClamAV (which I also agree with) may not (and legitimately NOT) be enough for them - because it is not the same as what they have chosen to protect the rest of the network (unless they've chosen ClamAV for Windows and they're installing the updates in sync with your configuration).

Getting around their security attempts by MAC address spoofing isn't a good idea - especially if your workplace has any kind of Acceptable Use Policy (did you have to sign anything when you started there?). If you have one of those disabling or evading a security measure could easily be grounds for dismissal or discipline - remember - it is not your network.

I would suggest reading up on iBoss (if that is the product being used) a quick glance at what I'm guessing is their web page would indicate that there are several ways that surfing with a Mac could get detected by this, and MAC address spoofing won't avoid all of them. This was the first time I've heard of iBoss - it appears to have won some awards from education groups for "'protecting" schools/small businesses. Your apparent lack of familiarity with the technology does not bode well for any kind of sustained "hack" in this situation - if you succeed in getting through this stuff the first time.

Networks/infrastructures are large complicated things - your IT people are just trying to keep their lives simple and their stuff functioning well (as well as it can anyway...) - the exact same way Apple does - but only supporting a small subset of hardware and software...

If you're desperate to surf - either use their machines, or walk to a coffee shop with your MBP. If work is insisting that you provide the machine - then you have a case (though you may have to take it to the executive, not to the IT Dept.) that you should be allowed to have your properly configured Mac on the network. You may find out that the executives are already talking on their iPhones and typing on their iPads and are quite willing to look at allowing Macs into the workplace.

Good luck, and be careful.
 
#5 ·
I get the same attitude from
IT and administration, and I am a teacher in the school system. If the schools switched to Apple, the IT dept would be redundant, or much smaller at least. Rather than use the POS Lenovo thinkpad they provide, I just use my MacBook, tether it to my iPhone for Internet access ( up to 6 GB a month) and then I don't worry about limitations. Our school has a no-cellphone policy, but oh well. It's not a phone; it's a breakthrough internet device.
 
#6 ·
Speaking as a member of the IT dept, no.
Eggman has it right, it's THEIR network. They have policies in place for a reason. Our particular policy involves NO personal machines on the network. Be it a windows, mac, or handheld device, if it isn't provided by us, it isn't networked.

If you're bringing in a personal machine, especially as a teacher, you're opening yourself up to a whole mess of worms. Virii are the least of your(or the IT dept) worries.

I doubt iBoss has anything to do with any blocking going on, as it's easy to find out what kind of computer is on your network by checking the DHCP server to get the MAC address, googling the MAC and finding out manufacture info. Or, they could have just seen the unauthorized computer on your desk while doing something else and decided to be non confrontational about it.

This attitude of the OP and the others supporting him are the reasons the kiddies think that (insert crazy website here) is so totally ok for school, and the schools are so (expletive) (derogatory term) for thinking we should be on it. This is like saying that it's OK to take money from a cash register because it's open, or because you know how to get it open. It's against the law, and at work/school, the policy is the law. (Just like Judge Dread.)

Despite what people here think, logic and reasoning are what make the best IT folk around. In this case, they have logically concluded that as they don't have admin rights to your machine to make sure all security patches are up to date and because they maybe don't have a OS X version of their chosen AV solution, that it is safer for all to no longer allow access.

fjn, I appreciate your resourcefulness as a fellow tech enthusiast, however I hope no one in your school/district's IT dept is on this site. Knowingly violating policy, publicly bragging about it, circumventing internet access policy... well it could be an outcome very unfortunate for your career.
 
#10 ·
I can just see it - instead of a PC vs Mac thread this is becoming an IT vs User thread.

My company with 90 000 employees worldwise used to use Macs throughout except for some very specific production and development areas which were Unix at the time.
Everything went well, the location I was in had 2000 employees with one support person looking after the telephone system and the computers.
Then some VP decided to switch the whole company to PCs because of cost savings - supposedly. That was in the Windows 95 timeframe.
Productivity went out the Window, in my location they had to boost the IT staff to eight (!) (from essentially 1/2 a person with the Macs and those eight still couldn't handle all the trouble calls. It usually took half aday before they managed to come around to fix the Windows machines at the time, but what surprised me most (and the reason I'm posting this) is that the IT guys in out firm at least, had no clue how their users actually used the computers.
Simple example - I worked with MS Word, Excel, Powerpoint, Outlook and FTP access to a remote database all at the same time with the Macs.
When we switched to PCs at the time, one could not do this - the machines would constantly crash.
ITs solution was to close each application before opening a different one. For them that was "normal operation" - for us in Product Management that was just unacceptable - it would take us five times as long to do a job if we couldn't keep multiple applications open. Big conflict between IT and users.
I have no problem with IT controlling the network and deciding what can be connected and what cannot, but their lack of appreciation of the user requirements is sometimes shocking.
 
G
#21 ·
(image removed)
xkcd rocks. That comic is so true.

As for the rest of the conversation I'll stay out of it for the most part. It sucks on both ends of the spectrum and while lots of things said are true some are not. Sometimes (maybe more often than not) the IT folk have attitudes against macs, but sometimes they just have to follow policy -- which is most often not set by them. Having done a lot of IT over the years I can testify to this personally ... I've had to do some really dumb things because of rules set beyond our control (and by our I mean IT) and some even dumber restrictions due to policy in that time that I didn't agree with ... that's not always the case, but that's just the way it is most times.

Don't try and spoof your MAC address and do things on the network you're not supposed to do. Not only does it risk your job and possibly the jobs of others, it's just plain nasty. If you really hate it that much find a new mac-friendly workplace :)
 
#23 · (Edited)
I wish the above comic were true. I've wasted so much time on hold with complete idiots who don't think for themselves.

To the OP, and the remainder of the thread:
As an IT person, I've spent a lot of time fixing people's mistakes, and dealing with the headaches that come with allowing them to used unsecured computers. It's not just viruses, but also information protection when dealing with unannounced/confidential projects and other files of that nature. By bringing your own computer into the office, you potentially compromise the security of the entire network, and all the other computers in the office. It's better to work with the IT department than it is to work around them, which only leads to headaches on both sides.
 
#27 ·
As for the OP (who has vanished, methinks?), [/QUOTE]

Nope still here... remember the part about me mentioning that it was my work network that has booted me and therefore I have no internet access at work, and since I work during the day ... yeah...

I'm not putting out any *attitude* whatsoever, I was just trying to figure out what my options were. I didn't ask for a step-by-step How-do-I-screw-the-man tutorial.

I realize that this is a hot button issue for some of you... but my deal is that I want to do work at work. I like the suggestion about going to the IT people and seeing if there is an alternative virus protection program I could use to protect them against viruses I may (or may not) be carrying.

However, I can't use their machines to do what they want me to do... It's as simple as that. If they want me to do my job, then I need the materials to do it. It's like being hired to build a house and then telling me I am only aloud to build it with the toothpicks and glue they are giving me. Sure I'll get it done, but it it's going to be crappy.

Thanks for your ideas/opinions/suggestions and yes, even your harsh criticisms. I've learned what I needed to and I appreciate your input.
:)
 
#30 ·
I realize that this is a hot button issue for some of you...
Heh .. Gomommago, I think we should award you the prize for "most controversial first post". Nice way to introduce yourself to the forum... walk in, start a fire, walk away :D

Welcome to ehMac!
 
#35 ·
What I find funny about this discussion, is that in two companies I've worked for all the top IT guys secretly loved Macs. One company had won a number of awards for their brilliant interface design, way out classing others in the industry. I found out that the guy who did the interface design was the head of IT. He showed me his Mac laptop. Only Mac in the whole operation.

Even though I was usually issued a standard Dell or IBM laptop at these companies and told not to use Mac, the guys responsible for the choice of tech (and enforcing the rules) often were Mac fans!
 
#37 ·
I always find said "policy" is always created by the IT department. Higher ups in the administration have no idea what technology to use they just don't want security issues. So then the IT department comes in with a solution and then that becomes part of the "policy" and they some times never look into other solutions that will still keep the network secure.

It's most frustrating to the users in education and big business when there are new software out there that can add to productivity but the IT department won't allow it because it's new and they don't know anything about it and won't spend the time to research it and just want to rest on their laurels and wish everyone just used Windows XP and Office 2003 and not iPads/iPhone or Macs or even Linux or Windows 7 (Vista I can agree with though).
 
#38 ·
That's exactly the problem we're seeing in the schools now, where the students often know more than the teachers do, and the IT department is largely out of the loop. The kids can do more on their home computers than what the school provides, yet we keep buying this stuff because we're told to. Heck, you can do nearly as much on an iPhone as you can on a school computer, plus the sites are not all blocked. If creative exploration of uses for technology is one of the tech outcomes for students, then we are failing miserably as an educational system. Except in my class, of course, because I'm an anarchist.

P.S. It just occurred to me how anarchist looks like antichrist. beejacon
 
#40 ·
Hey gomommago,

I think you should also lobby to be allowed to freely surf any website (i.e. pron) you want on your lunch break.. because what the heck, it's YOUR time, right?! Right?!
 
#44 ·
...oh, I'm not so sure about that statement. Just check out the Troubleshooting forum here or the range of issues found in the Discussion forum's on Apple's own website.

A Mac filled-world is not necessarily problem free, and certainly not user-intervention free.
 
This is an older thread, you may not receive a response, and could be reviving an old thread. Please consider creating a new thread.
Top