Re: Multiple Profile ~ XP



Barebone,

First of all you are dealing with multiple security issues here.

This is what I'd do. First, eliminate the modem option. The modem at
this point in time is probably one of the riskiest communication methods
if you work in an enterprise network environment.

Even thou, wireless has become one of the most use comm options it is
not secure unless you have IT experience. But undeniably it is a
necessary evil for most of the Cs and others executives.

The only thing you need is to create a script that test comm on both
interfaces (wired/wireless) and to shut down the wireless whenever a
wired connection has been established.

This will avoid bridges and other problems. I specifically suggest that
order because it's more easy to secure a wired connection than a
wireless.

Also, this will give you a very simple solution and it'll only require
one profile.

Jenner

On Mon, 2007-03-26 at 15:43 +0000, barebone@xxxxxxxxx wrote:
We have been using multiple profiles on our laptops since NT times. i.e. 1) Wireless 2) Wired 3) Modem

Basic purpose was to enhance security and ease of use for the end user.

I wanted to ask experts, what impact it makes if we create single profile and when user logs in XP will decide what type of connection is available.
My main security concern apart from operability is: if we create a single profile, is it possible for a regular user to create bridge connection that makes the computer a routing device (intentionally or unintentionally). If possible can we restrict them through group policy.

Problem we are facing in multiple profile is during the patch deployment, end user has to physically re-login on the machine, otherwise it stuck on profile selection screen. Although we could have created an automated timer for default profile, however different users have different default.

I would appreciate any input.


Thanks

P.S: please let me know if I have posted this question in the wrong forum.