In today’s highly mobile society, it’s commonplace for users to connect to a variety of networks. For example, users may connect to a centralized domain when working at a corporate site, a residential gateway device when working from a home office, or a public access point (such as an airport or coffee shop) when traveling. Because each of these environments has different security requirements, it’s critical that mobile computers are configured appropriately. As outlined in this article, Windows Vista includes a mechanism for automatically detecting different locations and applying the appropriate security settings.
Choose a network location
Using an integrated discovery facility, Windows Vista automatically detects different types of networks. It then classifies the connection as one of the following network locations:
- Domain. The computer is joined to a domain controller, e.g. an Active Directory domain on a company intranet.
- Private. The computer is on a trusted network, e.g. one residing behind an internet gateway device in a home office.
- Public. The computer is connected to a public access network that has a direct internet connection, e.g. a public hot spot.
When Windows Vista detects a new network, it displays the Set Network Location dialog box. In this dialog box, you can confirm the network location by clicking on the appropriate link.
Open the Network And Sharing Center
After set your network location, you can manage network connectivity via the Network And Sharing Center. To open the Network And Sharing Center:
- Select Start Control Panel.
- Click the Network And Internet link.
- Click on the Network And Sharing Center link.
The main section of the Network And Sharing Center displays a network map depicting the state of your current network connection as well as the two subsections: Network and Sharing And Discovery.
View the full network map
The network map that appears depicts the result of the initial network discovery. For a more detailed view of the network, you can display a full map. To view the full network map:
- Click on the View Full Map link.
- Wait for Windows Vista to create the network map.
- Review the results for your network.
- Close the Network Map window.
Customize the network location
You can see that the Network section of the Network And Sharing Center reports that our network is private. The discovery process identifies a network as private if it detects some form of protection (e.g., an internet gateway device) during the discovery phase. If the discovery mechanism doesn’t detect any protection, it identifies the network as public. But you can easily modify the network location, if necessary. To customize the network location:
- In the Network section, click on the Customize link.
- In the Set Network Location dialog that appears, change the Network Name if desired.
- Specify the network’s location by selecting the appropriate option button; click Next.
- Review the summary of the network settings, and then close the Set Network Location dialog box.
Location behaviors
When you set a network location, Windows Vista automatically configures the appropriate firewall settings for the target location. You can use the Windows Firewall With Advanced Security, a local group policy object, to examine (and modify) each network location profile’s behavior. To view the behavior settings for network location profiles:
- Select Start Control Panel.
- Click on the System And Maintenance link.
- Click the Administrative Tools link.
- Open Local Security Policy.
- Expand the Windows Firewall With Advanced Security node, and then select the like named Local Group Policy Object.
- In the details pane, click on the Windows Firewall Properties link.
The Domain location
When a computer running Windows Vista joins an Active Directory domain, it automatically configures the existing network for the Domain location type. The computer determines that it’s on a network of the Domain location type because it can perform a computer-level authentication with a domain controller as part of normal Active Directory operations. The following settings are automatically configured for networks of the Domain network location type:
- Windows Firewall is turned on by default and configured by Group Policy settings downloaded from the Active Directory domain.
- Configuration for network discovery and file and printer sharing is based on Group Policy settings downloaded from the Active Directory domain.
The Private location
For the Private location type, Vista assumes that the computer is directly connected to a network that you know doesn’t contain malicious users and is separated from the Internet by a gateway or router with a firewall against incoming Internet traffic. Because of a safer networking environment, the following default settings are automatically configured for the Private network location type:
- Windows Firewall is turned on.
- Network discovery is turned on.
- All forms of file and printer sharing are turned off, including file sharing, printer sharing, public folder sharing, and media sharing.
The Public location
For the Public location type, Vista assumes that the computer is directly connected to the Internet, and therefore exposed to incoming malicious traffic. Note: Once you change Public or Private location default settings, the changes apply to every network assigned to that particular location type. The following default settings are automatically configured for the Public location type:
- Windows Firewall is turned on.
- Network discovery is turned off.
- All forms of file and printer sharing are turned off, including file sharing, printer sharing, public folder sharing, and media sharing.
Related Courses
- 5115 Installing and Configuring the Windows Vista™ Operating System
- 5116 Configuring Windows Vista Mobile Computing and Applications
- 5117 Installing, Configuring, Troubleshooting, and Maintaining Windows Vista®
- 5118 Maintaining and Troubleshooting Windows Vista Computers
0 comments:
Post a Comment