On Fri, Feb 23, 2018 at 11:25 AM, hw <hw at gc-24.de> wrote: > But MAC addresses can be faked, can´t they? Yes, someone can go to the trouble of obtaining a known corporate MAC address and MAC-spoofing their personal device so they can PXE-boot a corporate build on a VLAN that is otherwise useless. If your corporate build on it's own is precious enough in itself that you worry about this eventuality, then make the build server insist on authentication before the build initiates.