Disable WiFi while connected to secure LAN?

  • Thread starter Thread starter madman
  • Start date Start date
M

madman

Guest
Greetings, your advice is needed.

I see through searches that Hardware Profiles are no longer supported
when shifting to Vista. This has me in fear of a MASSIVE security issue
unless I am missing something.

My environment:
I maintain a very secure Windows network(active directory), where Wi-Fi
is not allowed. I also utilize roaming profiles for my users, who are
also not allowed admin rights to anything.
When using a laptop, logging onto my LAN disable the Wi-Fi via the
hardware profile to prevent possible bridging between a secure LAN and
the outside world. Inversely, booting off my LAN enabled the Wi-Fi and
disabled the Ethernet.

How do I maintain this level of security with Vista Business or greater
(And before you ask, NO I do not trust my users :p )?

Does Vista have something more capable that I have not found yet?

Thanks,
MM


--
madman
 
Re: Disable WiFi while connected to secure LAN?

> This has me in fear of a MASSIVE security issue

There's no security risk here. Since your users don't have admin rights,
they won't be able to configure any routing protocols, and any malware that
would by chance install as standard user won't be able to act as a router.


> I maintain a very secure Windows network, where Wi-Fi is not allowed

This implies that you think wireless is insecure. When configured properly
(that is, using WPA or WPA-2), wireless can be quite robust. Why not allow
it, and use group policy to configure it?


--
Steve Riley
steve.riley@microsoft.com
http://blogs.technet.com/steriley
http://www.protectyourwindowsnetwork.com



"madman" <guest@unknown-email.com> wrote in message
news:d0be13647d9795aecef5c1ae4eff0dbe@nntp-gateway.com...
>
> Greetings, your advice is needed.
>
> I see through searches that Hardware Profiles are no longer supported
> when shifting to Vista. This has me in fear of a MASSIVE security issue
> unless I am missing something.
>
> My environment:
> I maintain a very secure Windows network(active directory), where Wi-Fi
> is not allowed. I also utilize roaming profiles for my users, who are
> also not allowed admin rights to anything.
> When using a laptop, logging onto my LAN disable the Wi-Fi via the
> hardware profile to prevent possible bridging between a secure LAN and
> the outside world. Inversely, booting off my LAN enabled the Wi-Fi and
> disabled the Ethernet.
>
> How do I maintain this level of security with Vista Business or greater
> (And before you ask, NO I do not trust my users :p )?
>
> Does Vista have something more capable that I have not found yet?
>
> Thanks,
> MM
>
>
> --
> madman
 
Back
Top