In order to prevent bridging between secure networks and insecure networks, many enterprises adopt security policies forbidding simultaneous use of secure enterprise network connections and other insecure network connections. As network devices evolve to support multiple network interfaces, however, use of multiple network access technologies for enabling simultaneous network connections has become commonplace. Unfortunately, increased support for simultaneous network connections has increased the risk of security policy breaches.
In general, a combination of mechanisms is typically used to reduce the probability of bridging between secure enterprise networks and insecure networks. For example, firewalls may be used to prevent incoming traffic from insecure networks from accessing the secure enterprise network. Additionally, client software is often installed on network devices for removing routing table entries to Internet connections in response to the establishment of a secure network connection. Unfortunately, such mechanisms have numerous drawbacks.
Although firewalls block inbound Internet traffic, firewalls do not prevent accidental, user-initiated Internet connections. Similarly, firewalls do not prevent automated, software-initiated Internet connections. A drawback of removing routing table entries to Internet connections is that other processes on the network device may re-add the routing table entries, reintroducing a bridge between the secure network and insecure network. This may occur, for example, upon insertion of a wireless card into a network device during an active enterprise network connection. Furthermore, such mechanisms lack security policy enforcement from an enterprise network perspective (i.e., enterprise network servers are unable to determine the status (e.g., active versus inactive) of client software designed to prevent bridging).