If you're infrastructure is running Server 2008 and your clients are running Vista or higher you can already prevent unauthorized devices from being installed via Device GUID. See here: http://msdn.microsoft.com/en-us/library/bb530324.aspx
Of course, it's not completely bullet-proof but it's definitely better than letting anything be installed on any workstation.
Slashdot Mirror
If you're infrastructure is running Server 2008 and your clients are running Vista or higher you can already prevent unauthorized devices from being installed via Device GUID. See here: http://msdn.microsoft.com/en-us/library/bb530324.aspx Of course, it's not completely bullet-proof but it's definitely better than letting anything be installed on any workstation.