Solved

Control which SSID or Wifi service laptop can connect to

Posted on 2016-09-07
4
93 Views
Last Modified: 2016-10-06
I'd like to control our corporate laptops such that they could only connect to our corporate
SSID / wireless service & not any other : is there any tool or hardening method that could
do this?

Our users are not granted local Admin rights.

Don't want them to connect to their phone's 4G or home Wifi but only our corporate
Wifi which they are forced to go thru our corporate's proxy when browsing the Net.

Also, don't want them to transfer data from their laptop to  a wireless HDD : currently
we block the USB port while LAN port setting is greyed out: they can't change LAN
port settings
0
Comment
Question by:sunhux
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 40

Accepted Solution

by:
footech earned 380 total points
ID: 41788409
Use Group Policy to define the wireless network they can connect to, and then check the boxes to block connecting to ad-hoc and infrastructure networks.  They should then only be able to connect to the defined network.  I did this as a test some time back and it worked (though it's not something I've implemented in production).
GP settings for WiFi
1
 
LVL 10

Assisted Solution

by:Ray
Ray earned 50 total points
ID: 41788456
I don't have a solution, but would like to point out that a savvy user could easily change their home network or wifi hard drive to use the same ssid as your company wireless.  Though, this is a good solution for most users.
0
 
LVL 40

Assisted Solution

by:footech
footech earned 380 total points
ID: 41788609
That might be true if the company uses a PSK (pre-shared key) for authentication instead of something like WPA-Enterprise where you'll be authenticating against a RADIUS server.  Then, all the settings will be defined and you won't be able to reconfigure them to connect to the home network using another authentication method (and even if they set up a RADIUS system at home, it wouldn't be the same).
1
 
LVL 46

Assisted Solution

by:Craig Beck
Craig Beck earned 70 total points
ID: 41788834
Footech is spot on. GPO is the way forward!  I've done it lots of times.
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

DECT technology has become a popular standard for wireless voice communication. DECT devices are not likely to be affected by other electronic devices and signals because they operate in a separate frequency-band.
In this article, I will show you HOW TO: Perform a Physical to Virtual (P2V) Conversion the easy way from a computer backup (image).
As developers, we are not limited to the functions provided by the VBA language. In addition, we can call the functions that are part of the Windows operating system. These functions are part of the Windows API (Application Programming Interface). U…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question