• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 671
  • Last Modified:

How to manage wireless radios on laptops using VPN

I am piloting a client based SSL VPN solution for my users. The process should work like this.

- User receives a laptop that is joined to the domain.

- The laptop is physically plugged into the corporate network with the wireless radio disabled. This is to prevent the laptop being plugged into our network and wirelessly connected which is considered bridging networks by the security wonks and is prohibited.

- User logs into the laptop to get their credentials from the domain cached onto the laptop.

- The laptop is removed from the corporate network and the wireless radio is enabled.

- User takes laptop home and uses wireless radio to get onto wireless network, then launches VPN client and connects to our corporate network. Split tunneling is disabled when connected to the VPN concentrator, so that takes care of the bridging issue.

My concern is that a user will leave the wireless network adapter enabled, and will bring the laptop back into the office and plug it in there. At that point, the user would be plugged into the network with the radio enabled, and we would have a security incident.

Any ideas on how to manage this issue?
0
ofdasupport
Asked:
ofdasupport
  • 2
1 Solution
 
Scott CSenior Systems EnginerCommented:
Here are a couple of products that will do what you want.  

Also I know some HP laptops have a setting titled Enable LAN/WLAN switching.  Check in the BIOS of your laptops to see if this option is built in.

Check out http://www.wirelessautoswitch.com they have a product that does what you want:

Wireless AutoSwitch runs as a service and will automatically disable your wireless card when you connect to a LAN (hard wire) connection, and re-enable the wireless card when there is no LAN connection. This ensures that you are always using the fastest connection for network traffic. In the office this helps reduce redundant network connections, while still helping your employees seamlessly transfer from wired to wireless network connections.

http://www.wlanbook.com/bridgechecker/

BridgeChecker is a windows utility that can automatically disable/enable wireless interfaces. Whenever your computer is connected to an Ethernet port and the link state is good, the utility can automatically turns off the IEEE 802.11 wireless network interface.

There are other products out there that do the same thing.  You can search and see which ones fit your needs and budget.
0
 
Scott CSenior Systems EnginerCommented:
I just configured the LAN/WLAN switching on my HP ProBook 6460b and it works perfectly.

When I am hard wired to the network my wireless is disabled.  When I unplug from the Ethernet port the Wirelss is enabled automatically.
0
 
ofdasupportAuthor Commented:
I will explore the software mentioned and also check into the settings on this laptop. It isn't in front of me now, but I am going to test it.
0

Featured Post

What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now