marten_med_e
Level 7

Preventing crosstalk from wired to wireless

Hi

We have a wireless public Internet and a wired internal LAN at our office. How can I use HIPS v.8.0 to isolate these two networks, or
can I prevent the computers from connecting to both at the same time?

//Mårten

Message was edited by: marten_med_e on 2/4/11 3:47:17 AM CST

Message was edited by: marten_med_e on 2/4/11 4:13:50 AM CST
0 Kudos
3 Replies
marten_med_e
Level 7

Re: Preventing crosstalk from wired to wireless

I think I have to clarify it some. I know there are software and VBS scripts out there that do that, and I can disable bridging with GPO, but I wonder if there is any setting/rule in HIPS to do it?

0 Kudos
Dhatheway85
Level 7

Re: Preventing crosstalk from wired to wireless

Marten,

I think one option within HIPS is to use "Connection Isolation".  Within your firewall rules you can create a Connection Aware Group (CAG) for both your wireless and your LAN, then select the isolation option.  Connection isolation should block all other network connections except the one that fits that CAG.

0 Kudos
McAfee Employee

Preventing crosstalk from wired to wireless

how can I use HIPS v.8.0 to isolate these two networks, or

can I prevent the computers from connecting to both at the same time?

 Connection isolation should block all other network connections except the one that fits that CAG.

To clarify the Connection Isolation feature:

1. Connection Isolation does not always prevent network adapters from getting IP addresses (as the McAfee Agent Communication rule group which is added in memory automatically allows DHCP traffic).  So the network adapters will still show as having an IP address and connected to the network, but depending on your ruleset and CAG configuration, network traffic can be blocked for all non-matching network adapters.

2. Any firewall rules above a CAG that performs Connection Isolation will still apply to all network adapters.  Example: VPN rules should be above CAGs because you always want VPN tunnels to be established on any network adapter that the user is using, whether it be a wired or wireless connection.  But once the user is connected to VPN, you can then perform Connection Isolation to block traffic on non-matching adapters, but still allow the VPN tunnel to pass through even on a non-matching adapter (leaving the VPN tunnel established; otherwise the VPN tunnel would be destroyed).

For more details about CAGs:

PD20747 - Host Intrusion Prevention Firewall Connection-Aware Groups

0 Kudos
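
The rule ordering described in the reply above, as a simplified Python model of top-to-bottom evaluation. This is an added example, not McAfee code or HIPS policy syntax; the `Packet`, `Rule`, `CAG` and `evaluate` names, the service labels and the first-match logic are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    adapter: str   # adapter carrying the traffic: "wired" or "wireless"
    service: str   # constructed labels: "dhcp", "vpn", "web"

@dataclass(frozen=True)
class Rule:
    service: str
    action: str    # "allow" or "block"

@dataclass(frozen=True)
class CAG:
    match_adapter: str   # connection this group is aware of
    isolate: bool        # Connection Isolation enabled on the group
    rules: tuple

def evaluate(policy, packet, active_adapters):
    """Walk the policy top to bottom; return (action, reason) of the first match."""
    for entry in policy:
        if isinstance(entry, Rule):
            if entry.service == packet.service:
                return entry.action, f"rule:{entry.service}"
            continue
        if entry.match_adapter not in active_adapters:
            continue                      # no matching connection: group is skipped
        if packet.adapter == entry.match_adapter:
            for rule in entry.rules:
                if rule.service == packet.service:
                    return rule.action, f"cag:{entry.match_adapter}"
        elif entry.isolate:
            return "block", "isolation"   # traffic on a non-matching adapter
    return "block", "default"

WEB = (Rule("web", "allow"),)
# Assumed layout: DHCP stands in for the in-memory agent rule group, VPN sits above the CAGs.
POLICY = [
    Rule("dhcp", "allow"),
    Rule("vpn", "allow"),
    CAG("wired", isolate=True, rules=WEB),
    CAG("wireless", isolate=True, rules=WEB),
]
# Same rules with VPN below the isolating CAG: the tunnel on the other adapter is cut.
MISORDERED = [Rule("dhcp", "allow"), CAG("wired", isolate=True, rules=WEB), Rule("vpn", "allow")]

BOTH = {"wired", "wireless"}
for svc in ("dhcp", "vpn", "web"):
    print(svc, evaluate(POLICY, Packet("wireless", svc), BOTH))
```

With both adapters connected, the wireless adapter still gets DHCP and VPN traffic through the rules above the CAG, while its other traffic is blocked by isolation.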