[fw-wiz] OT: Aircards

I apologize for the OT post, but I wanted to pose the question on this list
because of the quality of response this list's members often give.

OK, so aircards (PPP over cellular) are cool. At a conference in Chicago
this summer I noticed they were "the" laptop accessory to have. Cheap,
go-anywhere Internet access is a dream come true for businesses with a
population of road-warrior employees.

However, I see a huge security management headache for businesses that use
them when their road warriors come home to roost. Specifically, you now
have a good chance that one of your users will simultaneously connect to
your internal network and their aircard carrier. This opens a multitude of
security issues, but the big issue being the possibility that their laptop
is compromised via their aircard and then used as a launch point for an
attack against your internal network. It's not a new problem, but one I
consider more severe than a rogue wireless AP and more likely than someone
actually getting DSL or dial-up access at their desk.

So I'm looking for ideas on how to manage this specific risk. Ideally, each
user's laptop would turn off their aircard connection if it detected an IP
address assigned to another interface. But at this point I'm wide open to
ideas and suggestions. Right now I'd just be happy if I had a reliable
method of detection.

I know some DoD/DoJ consultants are allowed to use aircards. How are other
organizations managing this risk?


firewall-wizards mailing list