3 Replies Latest reply on Feb 23, 2011 4:11 PM by Kary Tankink

    Preventing crosstalk from wired to wireless

      Hi

We have a wireless public Internet and a wired internal LAN at our office. How can I use HIPS v.8.0 to isolate these two networks, or
      can I prevent the computers from connecting to both at the same time?

      //Mårten

        • 1. Re: Preventing crosstalk from wired to wireless

Think I have to clarify it some. I know there are software and VBS scripts out there that do that, and I can disable bridging with GPO, but I wonder if there is any setting/rule in HIPS to do it?

          • 2. Re: Preventing crosstalk from wired to wireless
            Dhatheway85

            Marten,


I think one option within HIPS is to use "Connection Isolation". Within your firewall rules you can create a Connection Aware Group (CAG) for both your wireless and your LAN, then select the isolation option. Connection isolation should block all other network connections except the one that fits that CAG.

            • 3. Preventing crosstalk from wired to wireless
              Kary Tankink

              how can I use HIPS v.8.0 to isolate these two networks, or

can I prevent the computers from connecting to both at the same time?

              Connection isolation should block all other network connections except the one that fits that CAG.


              To clarify the Connection Isolation feature:


1. Connection Isolation does not always prevent network adapters from getting IP addresses (as the McAfee Agent Communication rule group, which is added in memory automatically, allows DHCP traffic). So the network adapters will still show as having an IP address and being connected to the network, but depending on your ruleset and CAG configuration, network traffic can be blocked for all non-matching network adapters.


2. Any firewall rules above a CAG that performs Connection Isolation will still apply to all network adapters. Example: VPN rules should be above CAGs because you always want VPN tunnels to be established on any network adapter the user is using, whether it be a wired or wireless connection. But once the user is connected to VPN, you can then perform Connection Isolation to block traffic on non-matching adapters, while still allowing the VPN tunnel to pass through even on a non-matching adapter (leaving the VPN tunnel established; otherwise the VPN tunnel would be destroyed).


              For more details about CAGs:

              PD20747 - Host Intrusion Prevention Firewall Connection-Aware Groups
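To make the ordering rules in the reply above concrete, here is an added toy model of an ordered firewall policy with Connection-Aware Groups and Connection Isolation. It is not code from this thread or from McAfee, and it only approximates the behaviour Kary describes: the adapter "kind" stands in for the real CAG match criteria, the DHCP rule stands in for the automatically added McAfee Agent Communication rule group, and all rule names, ports and adapter names are constructed for the demo.

```python
# Added example (not from the thread or from McAfee): a toy model of how an
# ordered HIPS firewall policy with Connection-Aware Groups (CAGs) and
# Connection Isolation decides traffic per adapter. The semantics are an
# approximation of the two points made in the thread; every rule, port and
# adapter below is constructed for illustration.
from dataclasses import dataclass, field
from typing import Optional

ANY = None  # wildcard for protocol / port in a rule


@dataclass
class Packet:
    proto: str      # "tcp" or "udp"
    dst_port: int


@dataclass
class Rule:
    name: str
    action: str                     # "allow" or "block"
    proto: Optional[str] = ANY
    dst_port: Optional[int] = ANY

    def matches(self, pkt: Packet) -> bool:
        return (self.proto in (ANY, pkt.proto)
                and self.dst_port in (ANY, pkt.dst_port))


@dataclass
class Adapter:
    name: str
    kind: str       # "wired" or "wireless"; stands in for the CAG match criteria


@dataclass
class CAG:
    name: str
    kind: str                  # adapters of this kind belong to the group
    isolation: bool            # Connection Isolation enabled?
    rules: list = field(default_factory=list)


def active_isolating_cag(policy, adapters):
    """First CAG (in policy order) with isolation on that matches a connected adapter."""
    kinds = {a.kind for a in adapters}
    for entry in policy:
        if isinstance(entry, CAG) and entry.isolation and entry.kind in kinds:
            return entry
    return None


def evaluate(policy, adapters, adapter, pkt):
    """Walk the ordered policy for one packet on `adapter`; return (action, reason)."""
    active = active_isolating_cag(policy, adapters)
    for entry in policy:
        if isinstance(entry, Rule):
            # Plain rules above the isolating CAG apply to every adapter (point 2)
            if entry.matches(pkt):
                return entry.action, entry.name
            continue
        if entry is active and adapter.kind != entry.kind:
            # Connection Isolation: traffic on non-matching adapters stops here
            return "block", f"isolated by {entry.name}"
        if adapter.kind == entry.kind:
            for rule in entry.rules:
                if rule.matches(pkt):
                    return rule.action, f"{entry.name}/{rule.name}"
    return "block", "implicit default block"


# Constructed policy and hosts
AGENT_DHCP = Rule("McAfee Agent: DHCP", "allow", "udp", 67)   # stands in for the Agent rule group
VPN_IKE = Rule("VPN: IKE", "allow", "udp", 500)
LAN_CAG = CAG("Corporate LAN", "wired", True,
              [Rule("SMB to file server", "allow", "tcp", 445),
               Rule("Allow all LAN", "allow")])
WIFI_CAG = CAG("Public Wi-Fi", "wireless", True,
               [Rule("HTTPS only", "allow", "tcp", 443)])

POLICY_VPN_ABOVE = [AGENT_DHCP, VPN_IKE, LAN_CAG, WIFI_CAG]   # recommended order
POLICY_VPN_BELOW = [AGENT_DHCP, LAN_CAG, WIFI_CAG, VPN_IKE]   # VPN rule placed too low

WIRED = Adapter("eth0", "wired")
WIFI = Adapter("wlan0", "wireless")
DHCP, IKE, HTTPS, SMB = Packet("udp", 67), Packet("udp", 500), Packet("tcp", 443), Packet("tcp", 445)


def demo():
    both = [WIRED, WIFI]   # laptop plugged into the LAN and associated to public Wi-Fi
    return {
        # the isolated wireless adapter still gets a DHCP lease (point 1)
        "dhcp_on_wifi": evaluate(POLICY_VPN_ABOVE, both, WIFI, DHCP)[0],
        # VPN rule above the CAG still passes on the non-matching adapter (point 2)
        "ike_on_wifi_vpn_above": evaluate(POLICY_VPN_ABOVE, both, WIFI, IKE)[0],
        # the same VPN rule below the CAG is never reached on the isolated adapter
        "ike_on_wifi_vpn_below": evaluate(POLICY_VPN_BELOW, both, WIFI, IKE)[0],
        "https_on_wifi_both_connected": evaluate(POLICY_VPN_ABOVE, both, WIFI, HTTPS)[0],
        "smb_on_wired": evaluate(POLICY_VPN_ABOVE, both, WIRED, SMB)[0],
        # with only Wi-Fi connected, the Wi-Fi CAG becomes the active one
        "https_on_wifi_alone": evaluate(POLICY_VPN_ABOVE, [WIFI], WIFI, HTTPS)[0],
    }


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:30} {verdict}")
```

Running the script shows why the reply recommends keeping VPN rules above the isolating CAG: in the model, moving the IKE rule below the CAG turns an allowed VPN handshake on the wireless adapter into a block, while DHCP keeps flowing on the isolated adapter because its rule sits above everything else.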