This guide is for IT support.
Walled Garden checks if Linewize Connect is installed on user-supplied (BYO) devices when the device attempts to access your school’s physical network. If Connect is not running on the users’ devices, they will be redirected to download the Connect installer. Once Connect is protecting a BYOD device, it will be able to access your school’s physical network.
Enabling Walled Garden
Warning
Do not enable Walled Garden without the assistance of a Linewize Service Delivery Engineer or Linewize Support. Walled Garden prevents devices from accessing the internet unless Linewize Connect is running.
- Navigate to Configuration > Walled Garden.
- Select the Enabled checkbox.
- Once this option is enabled, more settings will appear.
- Set the Redirect URL to the Linewize Connect download page:
http://download.linewize.net
Inclusions
You can limit the scope of Walled Garden to manage the number of devices being onboarded in phases. As needed, you can also require Walled Garden based on network or device criteria.
Important
When first setting up Walled Garden, the scope should be as limited as possible, such as by a User or Group, and not by Network Range or IP Objects. Doing this will ensure that all users at the school will not be affected at the same time.
- Select Add Inclusion.
- Select a Criteria using the drop-down.
| Criteria | Description | Example |
|---|---|---|
| Group | (Recommended) Applies to include a predefined group using Configuration > Users and Groups > Groups | Include a Students group |
| User | (Recommended) Applies to a specific user using Configuration > Users and Groups > Users | student1@school.com |
| Network Range | Applies to an IP Range. The rule will apply to any device connecting to or from that Network range. | 192.168.0.10 - 192.168.0.25 |
| Network | Applies to an IP Subnet. The rule will apply to any device connecting to or from that network. | 192.168.0.0/255.255.255.0 |
| IP Address | Applies to a single IP Address. The rule will apply to any device connecting to or from that IP address. | 192.168.0.1 |
| IP Address Object | Applies to a list of predefined IP Addresses using Object > Pools. The rule will apply to any IP address connecting to or from that list. | 192.168.0.1 192.168.0.2 192.168.0.3 |
- Once complete, select Add Inclusion.
Exceptions
You can use Exceptions to exclude your IT infrastructure, school applications, administrative or teaching staff from being required to run Connect to access your school’s physical network.
- Select Add Exception.
- Select a Criteria using the drop-down.
| Criteria | Description | Example |
|---|---|---|
| Application | Applies to a specific application | Google Play |
| Website | Applies to a specific website | google.com |
| Website Object | Applies to a list of predefined websites using Object > Pools | google.com bing.com bbc.co |
| Group | Applies to include a predefined group using Configuration > Users and Groups > Groups | Include a Students group |
| User | Applies to a specific user using Configuration > Users and Groups > Users | student1@school.com |
| Network Range | Applies to an IP Range. The rule will apply to any device connecting to or from that Network range. | 192.168.0.10 - 192.168.0.25 |
| Network | Applies to an IP Subnet. The rule will apply to any device connecting to or from that network. | 192.168.0.0/255.255.255.0 |
| IP Address | Applies to a single IP Address. The rule will apply to any device connecting to or from that IP address. | 192.168.0.1 |
| IP Address Object | Applies to a list of predefined IP Addresses using Object > Pools. The rule will apply to any IP address connecting to or from that list. | 192.168.0.1 192.168.0.2 192.168.0.3 |
- Linewize Support will assist you with adding the following Exceptions:
- Application - Linewize, Qoria, Apple
- Website - microsoft.com, (used to allow Windows SmartScreen)
- Website - fz-mza-update-files.s3.ap-southeast-2.amazonaws.com
- When complete, select Save.
Comments
0 commentsPlease sign in to leave a comment.