Today, the popularity of mobile devices be quickly applied, many
employees have a none corporate mobile device (IPAD,
iPHONE, etc.) , it challenges the network security of corporate
to connect a mobile device to wireless corporate network
as one pleases, to prevent that employees connect their mobile
device to wireless corporate network to use the corporate
internet to surf, it is an important task for us, how to do
this? The following example will demonstrate the point.
We need tow network devices, a
switch with mirror port and a wireless router and
application can send data via mirror port of switch, see the
Step1: To connect a PC to
wireless router and change LAN port IP address of the wireless
router, it will avoid conflicts with other devices within the
Step2: Disenable DHCP
function of the wireless router.
Step3: Connect the wireless
router to switch via LAN port of the wireless router.
Step4: Set mobile devices
and connect them to wireless router.
Step5: Connect the monitor
PC with Sax2 to mirror port of the switch.
3. Build a
policy for Sax2 to prevent mobile devices access to app store
Step1: Launch Sax2 and open the
"security policy" window, then derive a new policy set from
the "default" policy set, see the following figure:
Select the new policy set and click the "edit" button on
left to open setting window, see the following figure:
Step3: Switch to "Custom" page and select the "HTTP"
item in right pane, click the "New" button to create a
new policy, then enter the name of policy, select
"Blocking and Log" response scheme, enter domains to be
prohibited access, for example:
here, the settings has been finished, see the following
Step4: Save settings of policy and apply the new
policy set, now we can prevent mobile devices to connect
internet, about policy settings, please visit
http://sax2help.ids-sax2.com/ to learn more