Connection Manager Security (Windows Embedded CE 6.0)

1/6/2010

Connection Manager supports dual-homed devices, which are devices that can have multiple connections available and active at the same time. A dual-homed device frequently provides the most optimal behavior; however, it can be subject to special security threats, such as the potential for bridging between two networks.

Network bridging threats occur when a dual-homed device tries to establish multiple types of connections. For example, when a Windows Embedded CE powered device has an active Internet connection and the user establishes a Desktop Pass-through (DTPT) connection. For more information about DTPT Security, see Connection Manager ActiveSync Desktop Pass-through (DTPT).

Connections That Provide Enhanced Security

To help prevent bridging between two networks and possible leaking between two interfaces, Connection Manager supports connections that are more secure. To improve security, you can specify the Secure parameter for most of the Open Mobile Alliance (OMA) Client Provisioning (formerly WAP Client Provisioning) configuration service providers for Connection Manager

DTPT connections are always configured as more secure by default. Therefore configuring a connection as nonsecure by setting the value of Secure to 0 (zero) is not supported for a DTPT connection.

You can determine whether a connection provides enhanced security by performing an XML query. You can also determine this by using the ConnMgrQueryDetailedStatus function, in which case the dwSecure flag indicates whether a connection provides enhanced security.

See Also

Other Resources

Connection Manager Application Development
Connection Manager