hesamasghari 0 Posted April 21 Share Posted April 21 Hi Within the network infrastructure, we use both LAN and Wi-Fi to connect systems to the network, but we have created restrictions on Internet access. Now we have noticed that a number of users use mobile hotspot and connect to the Internet illegally. We want to use ESET Endpoint Security to create a restriction so that the systems can use the WIFI of the network, but it is not possible to use the Hotspot, and in case of connection, all traffic will be blocked. Please guide us in this regard Link to comment Share on other sites More sharing options...
Administrators Marcos 5,257 Posted April 21 Administrators Share Posted April 21 Unfortunately blocking of USB tethering is not currently supported by Device control in ESET Endpoint products. Link to comment Share on other sites More sharing options...
hesamasghari 0 Posted April 21 Author Share Posted April 21 The main purpose of using the firewall module is to block internal traffic when using a hotspot or any network other than the internal network. It means that when the user is connected to the LAN network and the external network at the same time, the user cannot see the internal network while using the Internet. Link to comment Share on other sites More sharing options...
santoso 7 Posted April 22 Share Posted April 22 We also need this. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,257 Posted April 22 Administrators Share Posted April 22 Support for blocking USB tethering is already on the improvement list for future versions. Link to comment Share on other sites More sharing options...
Most Valued Members Nightowl 206 Posted April 22 Most Valued Members Share Posted April 22 (edited) 22 hours ago, hesamasghari said: Hi Within the network infrastructure, we use both LAN and Wi-Fi to connect systems to the network, but we have created restrictions on Internet access. Now we have noticed that a number of users use mobile hotspot and connect to the Internet illegally. We want to use ESET Endpoint Security to create a restriction so that the systems can use the WIFI of the network, but it is not possible to use the Hotspot, and in case of connection, all traffic will be blocked. Please guide us in this regard I don't know if this helps , but could help , https://answers.microsoft.com/en-us/windows/forum/all/how-do-i-restrict-the-wireless-connections-to-just/da39ebf3-c88e-4e8a-be23-7a2a5c1fd78e But I don't know how safe it is , I could because bring a SIM internet receiver , and put an ethernet to the PC directly and work , then the WIFI preventions won't help that much , unless also blocking the ethernet from taking from other places is a possible option but I have never done that or seen that. Edited April 22 by Nightowl Link to comment Share on other sites More sharing options...
Studio_two 0 Posted May 8 Share Posted May 8 Can you not restrict the client (ESET Firewall) to only use certain DNS Servers? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,257 Posted May 8 Administrators Share Posted May 8 Do you mean blocking DNS communication with a specific IP address so that the system would be forced to use the secondary DNS server configured in the system? Link to comment Share on other sites More sharing options...
Studio_two 0 Posted May 9 Share Posted May 9 16 hours ago, Marcos said: Do you mean blocking DNS communication with a specific IP address so that the system would be forced to use the secondary DNS server configured in the system? Yes. Within the ESET firewall, just block all DNS traffic apart from the DNS server for the local LAN. In that way, they can connect to the hotspot, but they won't be able to access anything. I'm assuming that these are desktop machine that will not be used outside of the local LAN. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,257 Posted May 9 Administrators Share Posted May 9 A rule like this should work. Add the IP addresses of the DNS servers you want to block in the Remote host: Link to comment Share on other sites More sharing options...
Recommended Posts