Hi, I been trying to find a way to protect my network from my own customers, I will try to explain myself. Like a week ago one of my customers connected a router to the network and instead of conecting it to the wan port he connected it to one of the ethernet ports and it was assigning ip adress, it was easy to discover but meanwhile it afceted some other customers.
The first example was easy to fix but I had another client that had a virus that killed his network and somehow managed to mess up with my whole netwok, it made the conections to drop, the network was very slow, some pages didn't open, and all this was made by a single computer, I was able to discover this when I restarted the router and all the clients started to login and everything was fine until this client conected and the internet started to fail. I wen't with this customer and every time I connceted his machine to the network it started to fail. I took me like 15 days to find out what was happening and I need a way to prevent this from happening again.
I just use Mikrotik for client authentification and load balance, for the wireles part I'm using Skypilot.