Network Bridging Security (Windows Embedded CE 6.0)
1/6/2010
A network bridge functions as a low-level networking service rather than as a server. It combines the traffic of multiple network interfaces at a very low level, and selectively forwards that traffic to all interfaces. The combination of different network media types, such as Ethernet and home phone-line networking, allows multiple physical network segments to appear as one network. This merging of network traffic of different media types poses a security risk because it can potentially expose traffic from a controlled network onto an uncontrolled network.
Examples for potential security risks are bridging a wired and wireless network, or a standard Ethernet network with a power line network. In both cases, you risk forwarding the internal traffic externally and potentially exposing internal hosts to external attacks.
Best Practices
.gif "Ee493225.collapse(en-US,WinEmbedded.60).gif")
Ensure that proper precautions are used on all connected networks to minimize risk
When bridging two networks of different media types, make sure that both networks have the proper authentication and encryption deployed to minimize the exposure of the devices on both networks.
Default Registry Settings
You should be aware of the registry settings that impact security. In the registry settings documentation you will find a Security Note for those values with security implications.
For Network Bridging registry information, see Network Bridging Registry Settings.