A token based system for authenticating a client computer when it connects to a network. An address is requested from a server connected to the network. Provision of the address by the server triggers the server to look for a token on the client computer. If no token is found steps, such as revoking the address, can be taken. This enables a system administrator to control what machines can connect to the network, for example, it may allow only those having specified anti-virus software.