This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

How can i block user to connect wifi using Cortex

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

How can i block user to connect wifi using Cortex

Sulthan.Ibrahim
L1 Bithead

‎01-28-2023 10:45 PM - edited ‎01-28-2023 10:46 PM

We were using Symantec to block user's to connect Wifi. But using Cortex how can i block the wifi.

 

Can someone advice me on this. 

 

Thanks 

0 Likes Likes
7 REPLIES 7

Grady
L2 Linker

‎01-29-2023 12:53 AM

As far as I know, Cortex XDR does not support the function of blocking WIFI connection

Sulthan.Ibrahim
L1 Bithead
In response to Grady

‎01-29-2023 01:34 AM

Thanks for the reply Grady

 

Is there any workaround for this? 

My scenario is i don't want my users to connect their office Pc's with personal hotspot and browse the internet. How can i block that 

 

Is there any solution for that ? 

0 Likes Likes

Grady
L2 Linker
In response to Sulthan.Ibrahim

‎01-29-2023 01:43 AM

If you have a Paloalto firewall as an exit, you can use GlobalProtect and enable Enforce GlobalProtect Connection for Network Access to ensure that you must dial into GlobalProtect to access the Internet
You can refer to the following connection step 4
https://docs.paloaltonetworks.com/globalprotect/10-1/globalprotect-admin/globalprotect-portals/custo...

 

If there is no Paloalto firewall, consider using desktop management software like Symantec for control

neelrohit
L5 Sessionator
In response to Grady

‎01-29-2023 04:54 AM - edited ‎01-29-2023 11:06 PM

Hi @Sulthan.Ibrahim ,

 

If you are able to capture the specific device type GUID of the NIC card of your wifi device on the endpoint, you can create custom device type on Cortex XDR and add it to blocking under the "Device Configuration" profile of "Extension Policy Rules" of Cortex XDR. 

Screenshot 2023-01-29 at 8.44.29 PM.png

 

Steps:

 

  1. Go to Endpoints Tab> Policy Management.
  2. Under Settings> Device Configuration, click "Add Device"
  3. Add the device name and GUID details
    Screenshot 2023-01-29 at 8.47.21 PM.png
  4. Once added, go to Device Configuration profile of your choice or create a new one.
  5. Under Custom Device Type, select your device name and set the configuration to "Block" as shown below:
    neelrohit_0-1674996745670.png

     

This should allow you to block the wifi device of your endpoint. If the idea is to block only the wifi device and not network connectivity, then this should ideally be helpful. Alternatively, if you want to firewall the endpoint for all types of network connectivity you can use host firewall for the same.

 

Hope this helps. Please mark the response as "Accept as Solution" if it helps with your query.

 

Regards

Sulthan.Ibrahim
L1 Bithead
In response to neelrohit

‎01-29-2023 09:54 PM

Thanks for the update Neelrohit

 

So based on your solution i can add my office WIFI device GUID (Which i want to allow users to connect) in the exception where user can connect only to the added GUID devices not their personal hotspot..

 

Correct me if i am wrong. 

0 Likes Likes

neelrohit
L5 Sessionator
In response to Sulthan.Ibrahim

‎01-29-2023 10:14 PM

Hi @Sulthan.Ibrahim ,

 

You will have to add the GUIDs of the WIFI NIC of your endpoints to block the WIFI connection and not the NIC GUID of your wifi routers to do the blocking as the agent can block only connections on physical device contexts.

 

 

0 Likes Likes

neelrohit
L5 Sessionator

‎02-07-2023 07:00 AM

Hi @Sulthan.Ibrahim ,

 

Please mark the response as "Accept as Solution" if that was able to help you.

0 Likes Likes
  • 3193 Views
  • 7 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks