How to automatically limit GPRS-usage to urgent matters only ?

Discussion in 'Wireless Networking' started by Jan, Feb 22, 2005.

  1. Jan

    Jan Guest

    Hi,

    Situation :
    Multiple engineers in the field using laptops most of them running WinXP
    (some home some prof). On the road they have GPRS (pay per MB) connectivity
    for urgent matters (e-mail, transmission of worksheets, ..). For less
    urgent communications they all have ADSL (flat rate) at home and in the
    office they can connect directly to the company-LAN.

    Questions :
    1. How can I automatically disallow some programs to communicate when only
    GPRS connectivity is available ? I don't want for example "windows update"
    or "antivirus update" to proceed using the expensive GPRS-connectivity.
    These programs should only communicate when ADSL or LAN connectivity is
    available.
    2. How can I prevent the engineers from surfing the internet when only GPRS
    connectivity is available ? (Telling them not to do so, seems not enough
    for a few of them)

    Any hints most welcome.

    Thanks,
    Jan
     
    Jan, Feb 22, 2005
    #1
    1. Advertisements

  2. Jan

    Mungo Bulge Guest

    In our organisation, we have an acceptable use policy, which works
    quite well. However, you have to have the backing of upper management.
    Then when you find the first violation, you charge back the cost. When
    you find the second violation, you fire the person. But then, we take
    our practices and procedure seriously. An other organisation I work
    for had a "3rd Party" oversee the security aspects of their networks
    and assets. That 3rd part was called IM Secure, they were responsible
    to the Provost Marshal and they carrier 9mm side arm. Nobody argued
    over policies.

    | Hi,
    |
    | Situation :
    | Multiple engineers in the field using laptops most of them running
    WinXP
    | (some home some prof). On the road they have GPRS (pay per MB)
    connectivity
    | for urgent matters (e-mail, transmission of worksheets, ..). For
    less
    | urgent communications they all have ADSL (flat rate) at home and in
    the
    | office they can connect directly to the company-LAN.
    |
    | Questions :
    | 1. How can I automatically disallow some programs to communicate
    when only
    | GPRS connectivity is available ? I don't want for example "windows
    update"
    | or "antivirus update" to proceed using the expensive
    GPRS-connectivity.
    | These programs should only communicate when ADSL or LAN connectivity
    is
    | available.
    | 2. How can I prevent the engineers from surfing the internet when
    only GPRS
    | connectivity is available ? (Telling them not to do so, seems not
    enough
    | for a few of them)
    |
    | Any hints most welcome.
    |
    | Thanks,
    | Jan
    |
    |
     
    Mungo Bulge, Feb 22, 2005
    #2
    1. Advertisements

  3. Jan

    Jan Guest

    Mungo,

    Thanks for your suggestions.
    However this is Belgium, a country were arms are mostly illegal and were
    employees are very (too) well protected. I seriously doubt an employee can
    be forced over here to pay back the cost of the connection or can be fired
    because he used the internet through the wrong connection. It would anyway
    be a very complicated procedure, and with a bit a bad luck, the whole
    company might go on strike.

    Anyway, even with the perfect employee, what to do with "Windows Update" and
    the "Antivirus update" which I both like to be in "automatic update mode" in
    case of ADSL or LAN connectivity, but NO updates during GPRS-connectivity.
    Any solution here ?

    Thanks,
    Jan
     
    Jan, Feb 22, 2005
    #3
  4. Jan

    Guest Guest

    For a ready solution, maybe deterministicnetworks.com has what you need.

    Another simple solution is to install a firewall like ZoneAlarm, and define
    that only specified apps (email) can access internet. Turn it off when on the
    corp LAN.

    Self-made solution:
    Write a IM driver that will filter DNS requsts and pass only servers allowed
    by you.
    So, random apps won't be able to connect to random sites.
    Also it can filter traffic by protocol and port.
    Also it can count all traffic and show popup nags to the user.

    Regards,
    --PA
     
    Guest, Feb 22, 2005
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.