Solved

Wireless Network Priority

Posted on 2011-09-21
6
249 Views
Last Modified: 2013-12-27
How Can Iblock domain computers from connecting to non-approved networks if approved networks are available. Would like to exclude IT machines or logons from this restriction.
The goal is to avoid having users connect to our guest networks accidentally, which happens fairly often, but allow them to use their own wireless at home or on the road.
0
Comment
Question by:starre21
  • 2
  • 2
6 Comments
 
LVL 61

Expert Comment

by:btan
Comment Utility
Using the WPAD for proxy but the enforcement may not be fullproof

http://myitforum.com/cs2/blogs/forefrontsecurity/archive/2011/03/16/how-to-use-your-corporate-proxy-when-you-are-connected-with-directaccess.aspx

But it suggested use of proxy gateway and an agent to be "enforcing" the client machine policy thru GPO (see below). Making sure user does not have admin right.

http://technet.microsoft.com/en-us/library/cc985352.aspx
0
 

Author Comment

by:starre21
Comment Utility
How will prevet them from accessing the Guest Wireless network(which is open security) when the production wireless is in range, but still allow connection to any outside wireless network?
Would Different IP Scopes on the Wireless networks be a better option as most facilities are recieving their guest wireless via DSl while the production network is on MPLS?
0
 

Author Comment

by:starre21
Comment Utility
or is there a way to deny access all together to certain SSIDs?
0
 
LVL 61

Accepted Solution

by:
btan earned 500 total points
Comment Utility
There is domain GPO doing the blacklist and whitelist of ssid. it will not be all encompassing but minimally assure wireless to specific ap.

 http://www.grouppolicy.biz/2010/03/how-to-use-group-policy-to-blackwhite-list-wireless-networks-in-vista-windows-7/

the 802.1x is also another option but it is not possible for home user and more with enterprise infra or after vpn is established. to stop the initial wireless connection will not be 100% though

0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Article by: btan
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now