The problem is that I work in an IT-company and there are many creative technical people who like to plug different unwanted things (e.g. personal notebooks, wi-fi APs etc.) into computer jacks. Is it neccessary to explain how a wi-fi AP attached to corporate network instead of a legal laptop breaks up the security? I guess the answer is no.
So I'm trying to find a way to restrict access of unwanted devices to the network. First of all I'm looking at 802.1x catalysts capapability. And I look for a possibilty to have some kind of certificates, by which the computers can be authenticated via 802.1x. The certificates, that cannot be copied from one computer to another or else. So the certificate must be somehow attached to computer configuration or maybe in some other way be unique.
Does anybody know a suitable solution?