A number of years back we had an incident where someone (who really, really should have known better) bridged together his wireless connection (on one vlan and subnet) and his wired nic (on another vlan and subnet). This caused havoc until we identified the culprit was identified and chastened. Hadn't thought about this much since then. But it came up in conversation recently how one from the network side could prevent this kind of disaster.
Is there any way technically to prevent this kind of issue? I supposed you could limit mac addresses permitted on the wired side with learning. Anything else smart folks here can think of? Thank you.