Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 3 subscribers
  • Views 4127 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

advise how to block traffic on specific adapter, i. e. for broadband (WAN)

Markus Hartmann

Dear all,

I am new to the Sophos Endpoint Control application.

Currently I am in the need for a specific situation, maybe this will be easy to solve, maybe not possible at all.

I have Windows 7 and Windows 10 (soon to come) clients.
We have a VPN that we are using to connect to our enterprise services for laptop users.

How could I realize a optimal setup to:

a) allow all network traffic using the WLAN adapter (like using the LAN adapter).

b) block specific protocols using the WAN (broadband adapter)?


here is my challenge:
I would like to have laptops  *not*  to synchronize packages for software deployment
like Altiris or Sccm using the data cards.

They should be able to sync those packages using the LAN and WLAN adapters.

I was looking for a way to find anything about the adapter selections or how to query if the device
is using an APN but somehow I got lost on the way :)

Any ideas?
You help is highly appreciated! Thank you.



This thread was automatically locked due to age.
  • 0

    Hello Markus Hartmann,

    as you tagged this with Firewall I assume you're asking about the Client Firewall (SCF).
    Do I understand you correctly that you want to distinguish the WLAN (WiFi) from the broadband ("3G") adapter/connection? SCF isn't adapter-aware, and Device Control discerns wired and wireless devices but not among the latter. It might be possible to apply the Primary configuration when VPN is active (but regardless of the wireless connection).

    Christian

  • 0 in reply to QC

    Thank you Christian for your response.

    I did find some netsh commands to query the state of the connection (here "mbn").
    But, using the Sophos Endpoint we did disable the Windows FW as most companies do.

    Is there a chance to use those netsh commands to enable or disable ports via the sophos client fw?

    :))?

    Thank you.

  • 0 in reply to Markus Hartmann

    Hello Markus Hartmann,

    there's no API or some other means to configure SCF or extend its functionality. As said, it's almost completely "adapter-agnostic" - it does react to state changes and carries out its Location Detection but otherwise doesn't consider the adapter's specifics AFAIK.

    Christian

Unfiltered HTML