Results 1 to 4 of 4

Thread: How to Protect a Network from Unmanaged Clients

  1. #1
    Join Date
    Jul 2009
    Posts
    154

    How to Protect a Network from Unmanaged Clients

    Hello,
    I have setup a wifi network at my office. We have very important data at some system. So we want to protect this from Unmanaged Clients on network. We are not rely on antivirus and security system.How we can protect our network from Unmanaged Clients. Any one can know this ? Any suggestion??

  2. #2
    Join Date
    Jan 2006
    Posts
    3,792

    Re: How to Protect a Network from Unmanaged Clients

    Solution is to deploy the anonymous access WAP on a segment perimeter network that has no access to the corporate network. This allows you to offer Internet access to your guest users without incurring the administrative overhead to give users WEP and WPA and partitioning the corporate network from these unmanaged clients. For example, you can create a wireless DMZ on an ISA firewall multihomed as discussed in the article "Providing Internet access while securing your network using a wireless companies DMZ.Many provide WAP access anonymous for the convenience of clients and consultants. Even if the anonymous access WAP is a great convenience to your customers, they can create a significant security threat to enterprise network customers as guests of the connection they are not managed, and there is a chance that these hosts are compromised by worms, viruses and Trojans.

  3. #3
    Join Date
    Apr 2008
    Posts
    3,339

    Re: How to Protect a Network from Unmanaged Clients

    WAP corporate network does not allow anonymous connections. You will need the user or machine authentication for corporate deployment highly secure wireless. For example, we use the user authentication and EAP computer certificate when deploying enterprise deployments of wireless. The authentication certificate means that only managed machines and users can connect to the corporate network via the WAP business.
    However, the convenience offered by the anonymous access WAP to guests can also be useful for employees such as executives who bring in unmanaged, personal laptops from home. These machines are not provisioned to use the WAP business, so they have to use anonymous access WAP. You can provide these users access the anonymous access wireless DMZ segment by having them use VPN connections to the corporate network. The VPN link secures the connection and prevents intruders from intercepting communications with resources on the corporate network. For more details on this configuration, see TechProGuild Allow VPN access to your wireless network from a DMZ.

  4. #4
    Join Date
    Apr 2008
    Posts
    3,424

    Re: How to Protect a Network from Unmanaged Clients

    A particularly effective method you can use to secure your network against unauthorized users wireless IPSec-based domain isolation. IPSec domain isolation is a technique that isolates domain servers or all domain member computers from untrusted machines. IPSec domain isolation is one of the most effective methods available today for Windows networks to protect your critical servers customers not only rogue wireless but all unsecured computers on the corporate network. You can use your firewall application layer access controls to block those devices to connect to the Internet. For example, you can configure the firewall ISA Server to require user authentication before enabling outbound access from the corporate network to the Internet. For Web protocols, you can configure a firewall application layer controls to block user-agent headers sent by handheld devices or force integrated authentication to the firewall before allowing the outgoing access. Since handheld devices can not be domain members, any attempt to connect to the Internet will be blocked.

Similar Threads

  1. SBS 2008 Slow Network Performance with Windows XP Clients
    By MilesAway in forum Small Business Server
    Replies: 13
    Last Post: 09-05-2012, 05:48 PM
  2. Is it possible to scan for unmanaged clients in SEPM 12.1.671.4971
    By Vascon!cell in forum Networking & Security
    Replies: 6
    Last Post: 14-02-2012, 03:41 PM
  3. Managed switch network speed vs. unmanaged switch network speed
    By LLoLL in forum Networking & Security
    Replies: 6
    Last Post: 22-07-2011, 07:28 PM
  4. maximum number of clients can connect to a shared printer within the network
    By take__me__away in forum Networking & Security
    Replies: 4
    Last Post: 24-09-2009, 09:07 AM
  5. Unable to browse network drives via over VPN on Vista clients
    By Dharitree in forum AntiVirus Software
    Replies: 3
    Last Post: 02-09-2008, 11:07 PM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Page generated in 1,711,726,694.31782 seconds with 17 queries