Re: Wireless Equipment and Wireless Security


Subject: Re: Wireless Equipment and Wireless Security
From: R. Andom (random@artificiallives.com)
Date: Sun Dec 23 2001 - 14:51:12 AKST


Sorry for the late reply on these two threads.. just got around to reading
my mailing list email.

For Wireless gear I tend to prefer the Aironet stuff. As for using the
Access Points as bridges - no. You can buy the Bridges which will also play
access point if you let them (at an additional approx $500).

Now that I have said that Cisco does offer a product called the workgroup
bridge. It is a device developed to connect small groups of wired people to
an access point. It is a nifty solution if you want to connect small
networks up to your access points without installing wireless cards in them.
Here is a link to one of Cisco's document on this device:
http://www.cisco.com/univercd/cc/td/doc/pcat/350wgbr.htm

On security - in most networks where they want something more than WEP we
have to design IPSec over wireless infrastructures. In bigger environments
these days we typically drop a router on either end of the connection then
do an IPSec tunnel across the wireless network in our designs.

This provides protection but makes it transparent to the end user. If you
have other wireless users on the network you can have them load a vpn client
and vpn in.

If you are in a network which support EAP you can do something else with
Cisco gear. You can use Dynamic WEP. This generates a new encryption key per
login. Pretty nifty stuff. I haven't implimented it yet but one of these
days I figure one of our clients will eventually decide it would be a good
way to go. The Linux Aironet client also supports using EAP but I haven't
seen it in action yet.

Anyway, thats my 2 cents on the topic..

-Alan
saono@artificiallives.com



This archive was generated by hypermail 2a23 : Sun Dec 23 2001 - 14:51:17 AKST