Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Control which SSID or Wifi service laptop can connect to

Posted on 2016-09-07
4
Medium Priority
?
125 Views
Last Modified: 2016-10-06
I'd like to control our corporate laptops such that they could only connect to our corporate
SSID / wireless service & not any other : is there any tool or hardening method that could
do this?

Our users are not granted local Admin rights.

Don't want them to connect to their phone's 4G or home Wifi but only our corporate
Wifi which they are forced to go thru our corporate's proxy when browsing the Net.

Also, don't want them to transfer data from their laptop to  a wireless HDD : currently
we block the USB port while LAN port setting is greyed out: they can't change LAN
port settings
0
Comment
Question by:sunhux
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 41

Accepted Solution

by:
footech earned 1520 total points
ID: 41788409
Use Group Policy to define the wireless network they can connect to, and then check the boxes to block connecting to ad-hoc and infrastructure networks.  They should then only be able to connect to the defined network.  I did this as a test some time back and it worked (though it's not something I've implemented in production).
GP settings for WiFi
1
 
LVL 11

Assisted Solution

by:Ray
Ray earned 200 total points
ID: 41788456
I don't have a solution, but would like to point out that a savvy user could easily change their home network or wifi hard drive to use the same ssid as your company wireless.  Though, this is a good solution for most users.
0
 
LVL 41

Assisted Solution

by:footech
footech earned 1520 total points
ID: 41788609
That might be true if the company uses a PSK (pre-shared key) for authentication instead of something like WPA-Enterprise where you'll be authenticating against a RADIUS server.  Then, all the settings will be defined and you won't be able to reconfigure them to connect to the home network using another authentication method (and even if they set up a RADIUS system at home, it wouldn't be the same).
1
 
LVL 47

Assisted Solution

by:Craig Beck
Craig Beck earned 280 total points
ID: 41788834
Footech is spot on. GPO is the way forward!  I've done it lots of times.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This program is used to assist in finding and resolving common problems with wireless connections.
IF you are either unfamiliar with rootkits, or want to know more about them, read on ....
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question