Setting up Scenario Two location awareness conditions

In Scenario Two, you use the same two remote locations as specified in Scenario One and two office locations, for a total of four locations.
You would add the following office location:
  • Clients in the office that log on over an Ethernet connection.
  • Clients in the office that log on over a wireless connection.
It simplifies management to leave all clients under the default server control mode. If you want granular control over what your users can and cannot do, an experienced administrator can use mixed control. A mixed control setting gives the end user some control over security settings, but you can override their changes, if necessary. Client control allows users a wider latitude in what they can do and so constitutes a greater risk to network security.
Symantec suggests that you use client control only in the following situations:
  • If your users are knowledgeable about computer security.
  • If you have a compelling reason to use it.
You may have some clients that use Ethernet connections in the office while other clients in the office use wireless connections. For this reason, you set the last condition in the procedure for wireless clients in the office. This condition lets you create an Ethernet location Firewall policy rule to block all wireless traffic when both kinds of connections are used simultaneously.
To set up the office location for the clients that are logged on over Ethernet
  1. On the
    Clients
    page, select the group for which you want to add a location.
  2. Under
    Tasks
    , click
    Add Location
    .
  3. In the
    Add Location Wizard
    , click
    Next
    .
  4. Type a name for the location, optionally add a description of it, and then click
    Next
    .
  5. In the list box, select
    Client can connect to management server
    , and then click
    Next
    .
  6. Click
    Finish
    .
  7. Click
    OK
    .
  8. Under
    Tasks
    , click
    Manage Locations
    , and then select the location you created.
  9. Beside
    Switch to this location when
    , click
    Add
    , and then select
    Criteria with AND relationship
    .
  10. In the
    Specify Location Criteria
    dialog box, from the
    Type
    list, click
    Network Connection Type
    .
  11. Click
    If the client computer does not use the network connection type specified below
    .
  12. In the bottom list box, select the name of the VPN client that your organization uses, and then click
    OK
    .
  13. Click
    Add
    and then click
    Criteria with AND relationship
    .
  14. In the
    Specify Location Criteria
    dialog box, from the
    Type
    list, click
    Network Connection Type
    .
  15. Click
    If the client computer uses the network connection type specified below
    .
  16. In the bottom list box, select
    Ethernet
    , and then click
    OK
    .
  17. Click
    OK
    to exit the Manage Locations dialog box.
To set up the office location for the clients that are logged on over a wireless connection
  1. On the
    Clients
    page, select the group for which you want to add a location.
  2. Under
    Tasks
    , click
    Add Location
    .
  3. In the
    Add Location Wizard
    , click
    Next
    .
  4. Type a name for the location, optionally add a description of it, and then click
    Next
    .
  5. In the list box, click
    Client can connect to management server
    , and then click
    Next
    .
  6. Click
    Finish
    .
  7. Click
    OK
    .
  8. Under Tasks, click
    Manage Locations
    , and then select the location that you created.
  9. Beside Switch to this location when, click
    Add
    , and then click
    Criteria with AND relationship
    .
  10. In the
    Specify Location Criteria
    dialog box, from the
    Type
    list, click
    Network Connection Type
    .
  11. Click
    If the client computer does not use the network connection type specified below
    .
  12. In the bottom list box, select the name of the VPN client that your organization uses, and then click
    OK
    .
  13. Click
    Add
    , and then click
    Criteria with AND relationship
    .
  14. In the
    Specify Location Criteria
    dialog box, from the
    Type
    list, click
    Network Connection Type
    .
  15. Click
    If the client computer does not use the network connection type specified below
    .
  16. In the bottom list box, click
    Ethernet
    , and then click
    OK
    .
  17. Click
    Add
    , and then click
    Criteria with AND relationship
    .
  18. In the
    Specify Location Criteria
    dialog box, from the
    Type
    list, click
    Network Connection Type
    .
  19. Click
    If the client computer uses the network connection type specified below
    .
  20. In the bottom list box, click
    Wireless
    , and then click
    OK
    .
  21. Click
    OK
    to exit the
    Manage Locations
    dialog box.