Quote Originally Posted by Cider
Wow broken, that is quite a stress factor for you.
Yeah, no kidding. I'm getting a bit fed up, especially with purchasing, but I won't go there.

Quote Originally Posted by HTRegz
1. Write a quick and dirty tool to check and see if a version of VMWare, VirtualPC, Xen, etc is installed on the machine. (Since you have domain credentials... and assuming these machines are on the domain this will be fairly straight forward)... If a computer has VMWare without requiring it then it's probably running Rogue VMs... at that point you just have to watch for them..

Unfortunately this is reactive...

If you want to be proactive..

2. Configuring your network (assuming quality switches) to make use of some of the more basic NAC features that most switches support... I highly suggest that on Cisco switches you take advantage of the command switchport port-securit maximum 1. This limits you to 1 Mac Address per switch port. You can use switchport port-security violation [shutdown|restrict|protect] to determine the method of action to take if a second MAC address is detected..
My question as it pertains to my current position is more hypothetical
than anything. We do have a series of Perl scripts we use to search
PC's for files when need be. And that first solution came to me as I
pondered what I'd posted. Just search the network for MS's VPC and
VMware's app files.

We run a series of Cisco 2800 and 2900's, and I think at some point my
current employer may indeed employ those very NAC features. They
make the most sense. Currently I'm not privy to config'ing those units,
though I am a domain admin, and the network upgrades are coming fast
and furious. I know when things settle down, we'll see a series of these
features.

Fwiw, I've finally caught on to VM's and am enjoying them when I get the chance. I can see how useful they really are. Well, back to the g-r-i-n-d...