Having users login before accessing your enterprise network is standard practice, but it is no longer enough protection. You may trust the user, but can you trust the computer they are using? Is the user sophisticated enough to understand and vouch for every process running on a computer that may be reaching out to snoop into databases or to overload critical servers? Probably not.
If you don’t authenticate the computer, then you open your networks to an unknown legion of unauthorized users coming in “under the covers,” using computer services that are mistakenly assumed to be authorized.
Read more at: http://www2.darwinmag.com/read/feature/jun05_networkaccess.cfm