Manualshelf

User guide

ManualsBrandsCheck Point Software Technologies ManualsNetworkingSafe@Office 1000NW
431432433434435436437438439440
Using Secure HotSpot
Chapter 13: Setting Your Security Policy 421
My HotSpot page. For information on excluding network objects from HotSpot
enforcement, see Using Network Objects on page 227.
Important: SecuRemote/SecureClient/L2TP/Endpoint Connect VPN software users
who are authenticated by the Internal VPN Server are automatically exempt from
HotSpot enforcement. This allows, for example, authenticated employees to gain full
access to the corporate LAN, while guest users are permitted to access the Internet
only.
Note: HotSpot enforcement can block traffic passing through the firewall; however, it
does not block local traffic on the same network segment (traffic that does not pass
through the firewall).
Setting Up Secure HotSpot
To set up Secure HotSpot
1. Enable Secure HotSpot for the desired networks.
See Enabling/Disabling Secure HotSpot on page 422.
2. Customize Secure HotSpot as desired.
See Customizing Secure HotSpot on page 423.
3. Grant HotSpot Access permissions to users on the selected networks.
See Adding and Editing Users on page 680.
4. To exclude specific computers from Secure HotSpot enforcement, add or edit
their network objects.
See Adding and Editing Network Objects on page 229.
You must select Exclude this computer/network from HotSpot enforcement option.
5. Add quick guest users as needed.
See Adding Quick Guest Users on page 685.