Using GPO to lock down Wifi on a workstation

As we cross into Windows 7 and Vista environments there is a huge win on the Infrastructure side

Manageability.

Vista and Windows 7 were born into Wireless and of course the need for Wireless security.  Windows XP existed as it grew.  As such certain things are apparent.

You REALLY need to control WIFI.

And so with Vista and Windows 7 with Group Policy it’s incredibly EASY!

Within Group Policy under Server 2008 you can now deploy Policies which govern what networks can or cannot be used including standards for a Corporate Network.  Just create a new Group Policy (or edit an existing one, here we’re creating a new one) We need to make a change under “Computer Configuration/Windows Settings/Securit Settings/Wireless Network (IEEE 802.11) Policies”

gpowifi1

gpowifi2

 

It’s as simple as “New Vista Policy” and fill in the dotted lines! Give the Policy a Description and Name, You can choose whether or not to Enforce the use of the Windows WLAN Autoconfig from here as well, to enforce that

Wireless setup office wide is standardized and easier for support. 

  gpowifi3

 

At this point, you can add the Wifi hot Spots that are approved for your corporation.  Take note as well, the Wifi passwords are NOT kept in the GPO, they do have to be typed in on per machine basis.  But you can pre-configure the systems so that’s all you DO need to type in.    You can even enforce many of the Wifi roaming options on the PC’s

 

 

 gpowifi4 gpowifi5

 

As you can see below you can be as flexible as you want on your Wireless environment or ridiculously locked down as you want.  Your choice 🙂

 

gpowifi6

 

You can also create Wireless policies for Windows XP, to at least allow for some pre-configuration of the units.   But Windows XP cannot be locked down on Wifi nearly as beautifully as Windows 7 or Vista.  A nice feature if you DO have these in your environment.

 

gpowifi7

gpowifi8 

Make sure you apply this policy on your Computers that have Wireless only or you’ll be spending all day typing in Wireless passwords on machines that will never have wifi.

 

Windows 7 and Vista and GPO

The Power is yours, leverage it.

Sean
The Energized Tech

Leave a Reply