Many laptops (I know Dell does) have software that will disable wireless when wired is detected. You might look in that direction.
In the past, I always removed that Dell software, but am now starting to use it. Although I don't have security concerns with it, now that we are moving to Windows 7 and no longer can disable the wireless devices in the docked profile, these laptops are using two IPs and we are already tight on them. I am looking at the software solution to assist with that. BF -----Original Message----- From: Juned Shaikh [mailto:[email protected]] Sent: Thursday, October 13, 2011 9:46 PM To: NT System Admin Issues Subject: Wireless / Wired bridging Hi, Security folks are hounding on this and any help will be highly appreciated. Setup Cisco wireless network - Highly secure configuration. No issues there. When a laptop are docked, the Win7 workstations gets IPs from both the network ; Wired and wireless. - Route print command clear suggests, wired network is getting preference; technically all works fine. User when undocks it - system automatically switches over to wireless network - no issues. - Route print command suggests the traffic going through wireless network ======= But security team is flipping over the issue that the system is simultaneously connected to both the networks. ======== In counter argument, we suggested following 3 Microsft KB articles http://support.microsoft.com/kb/315088 http://support.microsoft.com/kb/299540 http://support.microsoft.com/kb/894564 Which suggests how microsoft decides when system sees two connections, but that's not sufficient. In Security language, controlling the network path through route metrics is not sufficient. As per them there is no control in place to avoid split tunneling. =========== Question is : What is the technical solution to this problem? Hardware Profiles is one, but it is phased out and doesn't make sense in todays more mobile workforce. Is the security concern right? If not, what should be the technical explanation? What is the current method of 100% ensuring the traffic route ? Any suggestions? Thanks in advance, ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
