|
|
|
|
| Caption |
Value |
Description
|
Datei:MS 2.11 Android Profile Netzwerke-en.png Networks
|
| Always on VPN
|
| Enable "Always-On-VPN" |
|
- Activates the “Always-On VPN” configuration, which means that the VPN remains permanently active and connected to ensure a continuous and secure network connection
- This option is particularly useful to ensure that all data transfers are made over an encrypted connection and no unprotected connections are allowed
- Negligible for mobile security, as this option is implicitly set by the app
|
| Package name |
de.securepoint.ms.agent |
The package name of the VPN app.
|
| Lockdown enabled |
|
- This option prevents all network connections when the VPN is not connected
- It ensures that no data can be transferred if the VPN fails or is disconnected for any reason, thereby guaranteeing the security of the data
|
| Recommended global proxy
|
| Activate the global proxy |
|
- Allows you to specify a global proxy to be used for all network connections on the device
- After enabling this option, details of the global proxy can be configured to route all traffic through a specified proxy server, providing additional security and control over network connections
|
| Host |
Hostname |
- The host name or IP address of the direct proxy used for forwarding network traffic
- This setting defines where the connections should be forwarded to before they reach the destination
|
| Port |
Port number |
The network port of the direct proxy that is used together with the host to route the data traffic
|
| Excluded host |
Hostnames |
- When using a direct proxy, certain hosts can be specified for which the proxy is bypassed
- These hosts, often defined as wildcards such as *.example.com, are contacted directly without going through the proxy
- This can be useful for local or trusted domains where the proxy is not required
|
| PAC URI |
URI |
- The URI (Uniform Resource Identifier) of the PAC (Proxy Auto-Configuration) script used to configure the proxy
- A PAC script is a file that regulates how web browsers and other user agents select a suitable proxy for the connection to a specific URL
- The PAC URI specifies the location of this script, which is retrieved by the device and used to dynamically apply the proxy settings
|
| Network configuration
|
| Network configurations |
Add configuration |
Configuring Access Profiles for WiFi Networks
|
| Name |
ttt-point Headquarters |
The name of the configuration gives the specific network configuration a unique and meaningful identifier
|
| Type |
WiFi |
The configuration type is predefined
|
| Wifi
|
| SSID |
ttt-point-headquarter-WIFI |
- The SSID (Service Set Identifier) of the network is the unique name assigned to a WLAN network
- This name is displayed when searching for available networks and enables devices to select the desired network for connection
|
| Security |
WPA-EAP |
- This option allows you to select the security level for the network
- Common security levels include WEP, WPA, WPA2 and WPA3
- The security level determines how data transmissions in the network are encrypted and protected to prevent unauthorized access
|
Passwort
Nur bei WEP-PSK und WPA-PSK |
•••••••••• |
Passwort für die Authentifizierung beim inneren Protokoll Even if it sounds trivial: WIFI.MyCompany.123 or Location.HouseNumber are no secure passwords! Also 1234 and abcd or qwerty are not' really secure passwords! |
EAP notempty
Nur bei WPA-EAP und WEP-8021X
|
| Äußeres Protokoll |
EAP-TLS |
- Das äußere Protokoll für EAP
- Auswahlmöglichkeiten: EAP-TLS, EAP-TTLS, EAP-SIM, EAP-AKA, PEAP
|
Inneres Protokoll
Nur bei EAP-TTLS und PEAP |
MSCHAPv2 |
- Das innere Protokoll für EAP
- Auswahlmöglichkeiten: MSCHAPv2, PAP
|
| Identität |
Identität |
Identität für die Authentifizierung beim inneren Protokoll
|
Passwort
Nur bei EAP-TTLS und PEAP |
Passwort |
Passwort für die Authentifizierung beim inneren Protokoll
|
| Anonyme Identität |
Anonyme Identität |
Identität für die Authentifizierung beim äußeren Protokoll
|
| Valide Server-Domains |
Valide Server-Domains |
Eine Liste an Domains, welche zur Validierung des Authentifizierungs-Servers dient
|
Client-Zertifikat
Nur bei EAP-TLS |
|
Das Client-Zertifikat
|
| Valide CAs |
Liste an CAs |
Eine Liste an CAs, welche vom Client zur Validierung des Server-Zertifikats verwendet werden
|
|
|
| Hidden SSID |
|
- Determines whether the SSID of the network is hidden
- If this option is activated, the SSID is not displayed in the list of available networks and devices must enter the SSID manually to establish a connection
- This can increase network security by making it more difficult for unauthorized users to find the network
|
| Autoconnect |
|
The device should automatically connect to the network
|
|
|
