You could use also port security on your switches, maybe do a vlan implimentation. You could use Cisco Works LMS. for a quick fix though, i would employ port security. this would force user to use only 1 port. and when pc / laptop is switched on, hello... you found your person. also, if switches have rsm's you could use traffic/port filtering. this would further hamper the malicious user's attempt to "sniff" your packets or gain info .... btw, I am assuming that you are using cisco switches . Hope this helps?! please let me know. thanks.