How can i block user to connect wifi using Cortex

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

How can i block user to connect wifi using Cortex

L1 Bithead

We were using Symantec to block user's to connect Wifi. But using Cortex how can i block the wifi.

 

Can someone advice me on this. 

 

Thanks 

7 REPLIES 7

L2 Linker

As far as I know, Cortex XDR does not support the function of blocking WIFI connection

Thanks for the reply Grady

 

Is there any workaround for this? 

My scenario is i don't want my users to connect their office Pc's with personal hotspot and browse the internet. How can i block that 

 

Is there any solution for that ? 

If you have a Paloalto firewall as an exit, you can use GlobalProtect and enable Enforce GlobalProtect Connection for Network Access to ensure that you must dial into GlobalProtect to access the Internet
You can refer to the following connection step 4
https://docs.paloaltonetworks.com/globalprotect/10-1/globalprotect-admin/globalprotect-portals/custo...

 

If there is no Paloalto firewall, consider using desktop management software like Symantec for control

Hi @Sulthan.Ibrahim ,

 

If you are able to capture the specific device type GUID of the NIC card of your wifi device on the endpoint, you can create custom device type on Cortex XDR and add it to blocking under the "Device Configuration" profile of "Extension Policy Rules" of Cortex XDR. 

Screenshot 2023-01-29 at 8.44.29 PM.png

 

Steps:

 

  1. Go to Endpoints Tab> Policy Management.
  2. Under Settings> Device Configuration, click "Add Device"
  3. Add the device name and GUID details
    Screenshot 2023-01-29 at 8.47.21 PM.png
  4. Once added, go to Device Configuration profile of your choice or create a new one.
  5. Under Custom Device Type, select your device name and set the configuration to "Block" as shown below:
    neelrohit_0-1674996745670.png

     

This should allow you to block the wifi device of your endpoint. If the idea is to block only the wifi device and not network connectivity, then this should ideally be helpful. Alternatively, if you want to firewall the endpoint for all types of network connectivity you can use host firewall for the same.

 

Hope this helps. Please mark the response as "Accept as Solution" if it helps with your query.

 

Regards

Thanks for the update Neelrohit

 

So based on your solution i can add my office WIFI device GUID (Which i want to allow users to connect) in the exception where user can connect only to the added GUID devices not their personal hotspot..

 

Correct me if i am wrong. 

Hi @Sulthan.Ibrahim ,

 

You will have to add the GUIDs of the WIFI NIC of your endpoints to block the WIFI connection and not the NIC GUID of your wifi routers to do the blocking as the agent can block only connections on physical device contexts.

 

 

L5 Sessionator

Hi @Sulthan.Ibrahim ,

 

Please mark the response as "Accept as Solution" if that was able to help you.

  • 2170 Views
  • 7 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!