Multiple Connections - Management

Member "Mkimonos" writes: I am working on a project that we have a deployed a Personal Firewall product on laptop users. The Personal Firewall allows us to define a server based access profile or FW rules for each type of connection and IP range. ie. Ethernet, WLAN etc.

The issue is, this personal FW activates BOTH connection profiles when users connect to 2 types of connections at the same instance, bridging the networks.

The target is, that laptops are ONLY allowed the default type of connection while connected to the Enterprise LAN but can utilize WLAN when away from the office. Just not at the same time!

1. Anybody knows a software that can perform this please?
2. If not, can somebody please recommend a personal FW product, that can prioritize connection profiles and policies, and lock down connections if needed?

Answers

Member Bmarone writes: In my experience with the NT-based OS's, the networks do not get "bridged" unless IP filtering/forwarding/routing is enabled, which is not the default. If the firewall product itself is bridging the networks, there should be a setting to disable it.

If the issue is connection speed, the wireless adapter gets a lower priority metric, usually 20, than the hard-wired connection, usually 1. So if you have both adapters on 192.168.1.x and connected from boot, the traffic should favor the copper. In the event a user connects the copper after bootup, they need only disconnect from the AP or possibly just close the apps that have started on the wireless route so they relearn. Of course, some users may find it easier to just reboot after plugging in copper.

Member "larrythethird" writes: The problem I see with both cards being active is that the firewall usually only grabs one of the cards. The second card is free to inject the network with whatever the user picked up in his travels.

I have been looking for something like this ever since we installed our first single access point. Laptop users go home, or on the road, come back to the office and plug in the copper while the wireless is still active. I have never liked the idea of an unattended wireless card searching for the "first available network" like an executive has their laptop setup for his or her home wireless network.

Click here to read the full discussion and additional responses to this question.

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Configuration and Deployment DHCP Client Service error affects network security How to use a GPO to improve Windows folder security Remote management for Windows system upgrades How to secure BitLocker configurations What's new and improved in IPsec in Windows Server 2008 Have my Windows patches actually been installed? What's hot in Windows security: Ins and outs of Windows Server 2008 Rights management in Windows: Security expert roundup Set write permissions in Windows network folders Windows network rights, password policy and network security testing Configuration and Deployment Research Protocols and Services Group Policy Object security in Windows Limit Windows Remote Desktop users' server rights Can I prevent network users from installing 3rd party software? Domain controller penetration testing Microsoft Rights Management Services: An introduction Locking down SMTP in Win2K and Server 2003 Windows security update may cause shell extensions to fail Active Directory Federation Services Finding extra security in R2 Step 6: Distribute the profile to remote users Protocols and Services Securing legacy NT and Win2K servers Performing server maintenance without e-mail notification Protect Your Windows Network: From Perimeter to Data: Chapter 2, 'Anatomy of a Hack -- The Rise and Fall of Your Network' Introduction: 'Anatomy of a Hack -- The Rise and Fall of Your Network' What a penetration test will not tell you Network footprinting Using NTFS rights to deny the Delete permission Ethereal Cain & Abel Converting user IDs to SIDs

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary