The following instructions assume that you are on the Configure Wi-Fi Settings page in the Create New Wi-Fi Policy Wizard (see Creating Security Policies) or that you are on the Details page for an existing Wi-Fi policy (see Editing a Policy’s Details).
The Wi-Fi policy lets you control wireless access.
The General Settings let you control access for ad hoc network connections and Wi-Fi connections.
Ad hoc network connections provide direct wireless access between devices without using a physical wireless access point such as router or mobile phone hotspot. These connections are temporary but can be used for transferring files, playing multi-player computer games, and sharing Internet connection. If you allow connections, you can define the minimum security level for connections in this policy.
Select one of the following options to control ad hoc connections:
Enable: Allows ad hoc network connections.
Disable: Prevents ad hoc network connections.
Inherit: If the policy’s Inherit from Policy Hierarchy setting is enabled, inherits this setting from other Wi-Fi policies assigned higher in the policy hierarchy. For example, if you assign this policy to a user, the setting is inherited from any Wi-Fi policies assigned to the user’s groups, folders, or zone.
This setting lets you control Wi-Fi connectivity, which includes mobile phone hotspots, but does not include Bluetooth and infrared wireless connections. To control Bluetooth and infrared connections, use the Communication Hardware policy. For information about setting minimum security levels when connections are enabled, see Configure Minimum Security.
Select one of the following options:
Enable: Allows Wi-Fi connections.
Disable: Prevents Wi-Fi connections. Connections are blocked but the wireless adapter remains active in case you want to use wireless access points to determine location. To completely disable Wi-Fi adapters, use the Communication Hardware policy.
Inherit: If the policy’s Inherit from Policy Hierarchy setting is enabled, inherits this setting from other Wi-Fi policies assigned higher in the policy hierarchy. For example, if you assign this policy to a user, the setting is inherited from any Wi-Fi policies assigned to the user’s groups, folders, or zone.
You can use the Access Points list to control connections to wireless access points, such as routers and mobile phone hotspots. The list works as follows:
When you add an access point, you designate it as prohibited or approved. Prohibited access points are filtered out of a device’s wireless network connection display. If a user manually connects to a prohibited access point, the connection is blocked. You can also define further controls by configuring the Minimum Security settings in the policy.
All access points are approved (default approval) until you add one approved access point to the list (explicit approval). At that point, the default approval is ignored and only explicitly approved access points are allowed.
Prohibited access overrides approved access. For example, assume that you have multiple access points that share Novell as the SSID. You create an approved access point definition using Novell as the SSID, which results in all access points that share the Novell SSID being allowed. However, there is one Novell access point you want to prohibit, so you create a prohibited access point definition using the access point’s MAC address. Based on its SSID and MAC address, the access point matches both definitions (approved and prohibited). Prohibited access overrides approved access, so connection to the access point is prohibited.
The following table provides instructions for managing access points:
Task |
Steps |
Additional Details |
---|---|---|
Add a new access point |
|
|
Copy an access point from another policy |
|
All access points included in the selected Wireless policies are copied. If necessary, you can edit the copied access points after they are added to the list. |
Import an access point from a policy export file |
|
All access points included in the export file are imported. If necessary, you can edit the imported access points after they are added to the list. For information about exporting access points, see Export an access point. |
Edit an access point |
|
|
Export an access point |
|
|
Delete an access point |
|
|
Select the minimum security protocol that an approved access point must provide before a connection is allowed. For example, if you select WPA, only approved access points that provide WPA, WPA2, or WPA3 encryption are allowed.
Select No encryption required to ignore minimum security. Select Inherit to inherit the minimum security from other Wi-Fi policies assigned higher in the policy hierarchy. For example, if you assign this policy to a user, the setting is inherited from any Wi-Fi policies assigned to the user’s groups, folders, or zone.
Approved access points that fall below the minimum security level are not displayed in the device’s wireless network connections list when detected. If a user tries to manually define a connection to the access point, the connection is blocked.
This option is available only if you selected WPA, WPA2, or WPA3 as the minimum security requirement.
You can display a message when a wireless connection is blocked because the access point does not meet the minimum security requirement. Select Display message when minimum security not met, then fill in the following fields:
Title of Message Window: Specify the message window’s title.
Body: Provide the text for the message body.
Message Hyperlink: If you want to include a hyperlink, select Include message hyperlink, then specify the display text for the hyperlink and the link command.