The following instructions assume that you are on the Section 9.0, Creating Security Policies) or that you are on the page for an existing Wi-Fi policy (see Section 13.0, Editing a Policy’s Details).
page in the Create New Wi-Fi Policy Wizard (seeThe Wi-Fi policy lets you control wireless access
Watch a video that demonstrates how to create a Wi-Fi policy. |
The General Settings let you control access for ad hoc network connections and Wi-Fi connections.
Ad hoc network connections provide peer-to-peer wireless access between devices. These connections are temporary but can be used for transferring files, playing multi-player computer games, and sharing Internet connection. Select one of the following options to control ad hoc connections:
Enable: Allows ad hoc network connections.
Disable: Prevents ad hoc network connections.
Inherit: Inherits this setting from other Wi-Fi policies assigned higher in the policy hierarchy. For example, if you assign this policy to a user, the setting is inherited from any Wi-Fi policies assigned to the user’s groups, folders, or zone.
This setting lets you control Wi-Fi connectivity. Select one of the following options:
Enable: Allows Wi-Fi connections.
Disable: Prevents Wi-Fi connections. Connections are blocked but the wireless adapter remains active in case you want to use wireless access points to determine location. To completely disable Wi-Fi adapters, use the Communication Hardware policy.
Inherit: Inherits this setting from other Wi-Fi policies assigned higher in the policy hierarchy. For example, if you assign this policy to a user, the setting is inherited from any Wi-Fi policies assigned to the user’s groups, folders, or zone.
You can use the
list to control connections to wireless access points. The list works as follows:When you add an access point, you designate it as prohibited or approved. Prohibited access points are filtered out of a device’s wireless network connection display. If a user manually connects to a prohibited access point, the connection is blocked.
All access points are approved (default approval) until you add one approved access point to the list (explicit approval). At that point, the default approval is ignored and only explicitly approved access points are allowed.
Prohibited access overrides approved access. For example, assume that you have multiple access points that share Novell as the SSID. You create an approved access point definition using Novell as the SSID, which results in all access points that share the Novell SSID being allowed. However, there is one Novell access point you want to prohibit, so you create a prohibited access point definition using the access point’s MAC address. Based on its SSID and MAC address, the access point matches both definitions (approved and prohibited). Prohibited access overrides approved access, so connection to the access point is prohibited.
The following table provides instructions for managing access points:
Task |
Steps |
Additional Details |
---|---|---|
Add a new access point |
|
|
Copy an access point from another policy |
|
All access points included in the selected Wireless policies are copied. If necessary, you can edit the copied access points after they are added to the list. |
Import an access point from a policy export file |
|
All access points included in the export file are imported. If necessary, you can edit the imported access points after they are added to the list. For information about exporting access points, see Export an access point. |
Edit an access point |
|
|
Export an access point |
|
|
Delete an access point |
|
|
Select the minimum security protocol that an approved access point must provide before a connection is allowed. For example, if you select
, only approved access points that provide WPA or WPA2 encryption are allowed.Select
to ignore minimum security. Select to inherit the minimum security from other Wi-Fi policies assigned higher in the policy hierarchy. For example, if you assign this policy to a user, the setting is inherited from any Wi-Fi policies assigned to the user’s groups, folders, or zone.Approved access points that fall below the minimum security level are not displayed in the device’s wireless network connections list when detected. If a user tries to manually define a connection to the access point, the connection is blocked.
This option is available only if you selected
, , or as the minimum security requirement.You can display a message when a wireless connection is blocked because the access point does not meet the minimum security requirement. Select
, then fill in the following fields:Title of Message Window: Specify the message window’s title.
Body: Provide the text for the message body.
Message Hyperlink: If you want to include a hyperlink, select
, then specify the display text for the hyperlink and the link command.