We are looking at a non-domain joined device BYOD policy. We have an Extreme NAC. I want to limit one device to one person not having it open slatter. I could do this by importing a MAC list into the NAC but with MAC addresses being easily spoofed this may not work.
Any ideas how to achieve a BYOD, one non-domain device per person?