Disable WiFi while connected to secure LAN?

M

madman

Guest
Greetings, your advice is needed.

I see through searches that Hardware Profiles are no longer supported

when shifting to Vista. This has me in fear of a MASSIVE security issue

unless I am missing something.

My environment:

I maintain a very secure Windows network(active directory), where Wi-Fi

is not allowed. I also utilize roaming profiles for my users, who are

also not allowed admin rights to anything.

When using a laptop, logging onto my LAN disable the Wi-Fi via the

hardware profile to prevent possible bridging between a secure LAN and

the outside world. Inversely, booting off my LAN enabled the Wi-Fi and

disabled the Ethernet.

How do I maintain this level of security with Vista Business or greater

(And before you ask, NO I do not trust my users style_emoticons/ )?

Does Vista have something more capable that I have not found yet?

Thanks,

MM

--

madman

 
S

Steve Riley [MSFT]

Guest
> This has me in fear of a MASSIVE security issue

There's no security risk here. Since your users don't have admin rights,

they won't be able to configure any routing protocols, and any malware that

would by chance install as standard user won't be able to act as a router.

<span style="color:blue">

> I maintain a very secure Windows network, where Wi-Fi is not allowed</span>

This implies that you think wireless is insecure. When configured properly

(that is, using WPA or WPA-2), wireless can be quite robust. Why not allow

it, and use group policy to configure it?

--

Steve Riley

steve.riley@microsoft.com

http://blogs.technet.com/steriley

http://www.protectyourwindowsnetwork.com

"madman" <guest@unknown-email.com> wrote in message

news:d0be13647d9795aecef5c1ae4eff0dbe@nntp-gateway.com...<span style="color:blue">

>

> Greetings, your advice is needed.

>

> I see through searches that Hardware Profiles are no longer supported

> when shifting to Vista. This has me in fear of a MASSIVE security issue

> unless I am missing something.

>

> My environment:

> I maintain a very secure Windows network(active directory), where Wi-Fi

> is not allowed. I also utilize roaming profiles for my users, who are

> also not allowed admin rights to anything.

> When using a laptop, logging onto my LAN disable the Wi-Fi via the

> hardware profile to prevent possible bridging between a secure LAN and

> the outside world. Inversely, booting off my LAN enabled the Wi-Fi and

> disabled the Ethernet.

>

> How do I maintain this level of security with Vista Business or greater

> (And before you ask, NO I do not trust my users style_emoticons/ )?

>

> Does Vista have something more capable that I have not found yet?

>

> Thanks,

> MM

>

>

> --

> madman </span>

 
You must log in or register to reply here.
Top Bottom