The Wireless policy lets you control wireless access. The available settings depend on whether the policy is a global policy or a location-based policy.
A global Wireless policy lets you disable wireless connectivity. If you want to allow wireless connectivity but control available access points and security levels, you must use a location-based policy.
The following settings are available for a global Wireless policy:
Disable Ad Hoc wireless connections: Select this option to disable the Ad-Hoc mode for wireless connections. This eliminates all peer-to-peer wireless connections.
Block wireless connections: Select this option to block all wireless connections. Connections are blocked but the wireless adapter remains active in case you want to use wireless access points to determine location. To completely disable wireless adapters, use the Communication Hardware policy.
A location-based Wireless policy lets you control connectivity to wireless access points. If you want to completely block all wireless connectivity, you should use a global Wireless policy.
You can use the Wireless Access Points list to control connections to access points. The list works as follows:
You can add approved access points and prohibited access points. Prohibited access points are filtered out of the wireless network connection display; if a user manually connects to a prohibited access point, the connection is blocked.
All access points are approved (default approval) until you add one approved access point to the list (explicit approval). At that point, the default approval is ignored and only explicitly approved access points are allowed.
Prohibited access overrides approved access. For example, assume that you have multiple access points that share Novell as the SSID. You create an approved access point definition using Novell as the SSID, which results in all access points that share the Novell SSID being allowed. However, there is one Novell access point you want to prohibit. You create a prohibited access point definition using the access point’s MAC address. Based on its SSID and MAC address, the access point matches both definitions (approved and prohibited). Prohibited access overrides approved access, so connection to the access point is prohibited.
The following table provides instructions for managing access points:
Task |
Steps |
Additional Details |
---|---|---|
Add a new access point |
|
|
Copy an access point from another policy |
|
All access points included in the selected Wireless policies are copied. If necessary, you can edit the copied access points after they’ve been added to the list. |
Import an access point from a policy export file |
|
All access points included in the export file are imported. If necessary, you can edit the imported access points after they’ve been added to the list. For information about exporting access points, see Export an access point. |
Edit an access point |
|
|
Export an access point |
|
|
Delete an access point |
|
|
Select the minimum security protocol that an approved access point must provide before a connection is allowed. For example, if you select
, only approved access points that provide WAP or WPA2 encryption are allowed.Approved access points that fall below the minimum security level are not displayed in the device’s wireless network connections list when detected. If a user tries to manually define a connection to the access point, the connection is blocked.
This option lets you display a message when a wireless connection is blocked because the access point does not meet the minimum security requirement.
Select the option, then fill in the following fields:
Title of Message Window: Specify the Message Window’s title.
Body: Provide the text for the message body.
Message Hyperlink: If you want to include hyperlink, select
, then enter the display text for the hyperlink and the link command.