This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Dave
Participant
‎2022-05-09 05:15 AM

Infected host on guest network

So i'm going through the security checkup report and notice there are 2 infected hosts identified that were connected to our guest network.

I can't really see who they are, but it could be potentially an employee that connected to the guest network for some reason and will connect again to the corporate at some point in time.

How do you guys deal with these kind of issues, or which measures should and can i think so theses hosts don't infect other machines on the corp network?

 

Preview file
171 KB
0 Kudos
1 Reply
Perry_McGrew
Contributor
‎2022-05-09 06:57 AM

Guest network is segregated from our corporate networks using VLAN and use ACL's to prevent access from the Guest Subnet to our corporate business networks.  We set up Read Only AD DC and since Guest is a Wi-Fi network, we use MAC filtering and Web Auth to control how and who can log on to Guest.  Corporate PCs are blocked by GPO from joining Guest SSID.   We use a cheap Spectrum circuit for Guest internet access -- have Policy Based Routing on the Check Point GW to send it out the Spectrum circuit instead of our corporate Internet.   

Its not a perfect system but has worked well for us over the years. 

0 Kudos