Connection Management
Access control, backdoors, Browsers, Compliance, CRM, Current threats, Desktop management applications, Disaster Recovery, filtering, Hacking, human factors, Mobile, Network applications management, Network management software, Policies, Risk management, Security, Security Program Management, Servers, Spyware, SSL/TLS, Trojans, Viruses, Web security, worms
Hello,
I am working on a project that we have a deployed a Personal Firewall product on laptop users.
The Personal Firewall allows us to define a server based access profile or FW rules for each type of connection and IP range. ie. Ethernet, WLAN etc.
The issue is this personal FW activates BOTH connection profiles when users connect to 2 types of connections at the same instance, bridging the networks.
The target is, that laptops are ONLY allowed the default type of connection while connected to the Enterprise LAN but can utilise WLAN when away from the office. Just not at the same time!
Qs
1. Anybody knows a software that can perform this please?
2. If not, can somebody please recommend a personal FW product, that can prioritise connection profiles and policies, and lock down connections if needed?
Thanks in advance.
Software/Hardware used:
Software/Hardware used:
ASKED:
March 27, 2006 4:14 AM
UPDATED:
March 27, 2006 7:39 AM
RELATED QUESTIONS
- Multiple Connections - Management
- AP-5131 WAP RADIUS Configuration?
- (Special case) Suggest what should be done to get two pc networked?
- VPN Error When connecting wireless on laptop but works fine hardwire with the same router
- What's a typical network design for a LAN with 5 Public IP's for the FW, Router, Switches
Answer Wiki:
Welcome to the land of 'Helpful' WindowsOS. Best reference is on Technet. www.microsoft.com/technet/communitiy/columns/cableguy/cg0504.mspx
In Windows you can use Group Policies provided the Wired and Wireless are different domains or at least different IP address ranges.
If you used 'best practices' and the wireless is private addressed (i.e 192.68.xxx.yyy) and different from your wired network (i.e. 192.168.aaa.bbb) then the granted IP address can be used to make a rule turning off the 'bridge'.
Good Luck.
To see all answers submitted to the Answer Wiki: View Answer History.
Hi,
If I correctly understood the situation, you have both cable connections and wireless access point(s) in the enterprise building, and “away from the office” means “out of the room but in the building”?
If so, it’s not a FW problem at all. Why don’t you disable altogether the bridging on the laptops (yes, it is activated by default in the XP network connection setings, but I cant’t imagine a reasonable situation where it is helpfull on a laptop…).
After you disable bridging, the laptop will have to decide which is its default route to the inter/intranet – it is possible by adjusting metrics of the interfaces.
BR,
Petko