Good moring Boris
I do not know any good manufacturer of of Wireless LAN. To do the
encryption it depends how the WLAN device is connected.
o If it is something like a modem which broadcasts the information, than I
would use something like Gretacoders between the router and the WLAN
device.
o If the devices require IP addresses, then I would try to use CISCO
routers
with IPSEC enabled (3DES) (and ACLs of course).
o If CISCO and IPSEC is not good enough, I would put a SunScreen SPF-200
between the WLAN device and the router. SunScreen SPF-200 can do strong
encryption using SKIP and it has the advantage, that it is not visible.
As I know you quite a few of them already.
For me the most important point is to avoid to feed in unwanted data over
the air. A second point is to control incoming traffic from your customers
(Or stop employees from hacking).
The only difference to a standard connection is the transport. Instead of
using copper of fibre, you are using microwaves.
[EMAIL PROTECTED] writes:
>
> --openmail-part-003a5048-00000001
> Content-Type: text/plain; charset=US-ASCII
> Content-Disposition: inline; filename="BDY.TXT"
> ;Creation-Date="Sun, 20 Jun 1999 14:43:21 +0200"
> Content-Transfer-Encoding: 7bit
>
> Ok guys/gals... now after all the nice hot-air discussions about NT vs Uniks...
>
> ... can anybody tell me how I could protect a wireless LAN? *G*
>
> That's serious... we're looking into buying one of those wireless devices which
> will handle somewhere between 2 and 10 Mbps (best case though)... to connect a
> couple of remote offices.
>
> As far as I see I'm pretty cleartext through the air... and anybody with the
> right equipment could sniff the hell out of my traffic...
>
> So I guess something like this would be most sensible:
>
> One of my sites(main master site):
>
> [Main] [Encryp-] [ Fire ] [ Wire-]
> [ ]---[ tion ]---[ ]---[ less ]- - - T H I S - I S - A I R -
> [Site] [ box ] [ wall ] [device]
>
>
>
>
> [ WLAN ] [ Fire ] [Encryp-] [Customer]
> A I R - [ ]---[ ]---[ tion ]---[ ]
> [Device] [ wall ] [ box ] [ Site ]
>
>
>
> Well... hope it doesn't wrapp!!! ;-)
>
> Isn't that a bit too complicated? I mean it's great to have a free 2 - 10 Mb
> link to the customers (you pay somewhere around 14'000 sFr [1] monthly for a 2
> Mb link to the net) but having 3to4 boxes on every site is really not too cool.
>
> Can anybody suggest any good Wireless LAN manufacturer? Any suggestions to the
> scenario (yeah I know that most firewalls can encrypt traffic... this scheme is
> just schmematic *G*). I had a look at Lucent... however... they didn't had much
> pictures ;-)))
>
> Cheers
>
> Boris Pavalec [QPB]
> Network / System Engineer [MCSE]
> Highend Computing Systems
> Switzerland - Zuerich
>
> http://www.nt-admin.net
> [EMAIL PROTECTED]
>
>
>
> [1] Which is about 12'000$
>
>
> --openmail-part-003a5048-00000001
> Content-Type: application/ms-tnef
> Content-Disposition: attachment; filename="WINMAIL.DAT"
> Content-Transfer-Encoding: base64
>
> eJ8+IoJyAQaQCAAEAAAAAAABAAEAAQeQBgAIAAAA5AQAAAAAAADoAAEIgAcAGAAAAElQTS5N
> aWNyb3NvZnQgTWFpbC5Ob3RlADEIAQ2ABAACAAAAAgACAAEDkAYADAAAAAEAAAADABcAAQAA
> ABwAAQOQBgAMAAAAAQAAAAMANgAAAAAAOgABBIABAA0AAABGaXJld2FsbD8/ISEA9gMBA5AG
> ABAAAAABAAAAQAA5AFBcQj8au74BOwMBA5AGACQAAAABAAAACwAngAsgBgAAAAAAwAAAAAAA
> AEYAAAAABYgAAAAAAAB3AgEDkAYAJAAAAAEAAAALACiACyAGAAAAAADAAAAAAAAARgAAAAAA
> iAAAAAAAAHMCAQOQBgAkAAAAAQAAAAMAKYAIIAYAAAAAAMAAAAAAAABGAAAAABiFAAAAAAAA
> fgIBA5AGACQAAAABAAAAAwAqgAggBgAAAAAAwAAAAAAAAEYAAAAAEYUAAAAAAAB4AgEDkAYA
> JAAAAAEAAAADACuACCAGAAAAAADAAAAAAAAARgAAAAAQhQAAAAAAAHgCAQOQBgAkAAAAAQAA
> AAsALIAIIAYAAAAAAMAAAAAAAABGAAAAAA6FAAAAAAAAfwIBA5AGACQAAAABAAAAAwAtgAgg
> BgAAAAAAwAAAAAAAAEYAAAAAAYUAAAAAAABrAgEDkAYAJAAAAAEAAAALAC6ACCAGAAAAAADA
> AAAAAAAARgAAAAAGhQAAAAAAAHkCAQOQBgAsAAAAAQAAAB4AL4AIIAYAAAAAAMAAAAAAAABG
> AAAAAFSFAAABAAAABAAAADguNQB7AwEDkAYAJAAAAAEAAAADADCACCAGAAAAAADAAAAAAAAA
> RgAAAABShQAARxYAABwDAQOQBgAsAAAAAQAAAB4AMYAIIAYAAAAAAMAAAAAAAABGAAAAADaF
> AAABAAAAAQAAAAAAAADBAgEDkAYALAAAAAEAAAAeADKACCAGAAAAAADAAAAAAAAARgAAAAA3
> hQAAAQAAAAEAAAAAAAAAwwIBA5AGACwAAAABAAAAHgAzgAggBgAAAAAAwAAAAAAAAEYAAAAA
> OIUAAAEAAAABAAAAAAAAAMUCAQOQBgAMAAAAAQAAAAMA3j+vbwAAPwIBA5AGABQAAAABAAAA
> HgBCEAEAAAABAAAAAAAAAHMAAQOQBgA0AAAAAQAAAAIBMQABAAAAJAAAADg1MjU2Nzk0LjAw
> NEM0NDlELjAwKGEpbmd3Mi5obnMuY29tAJQJAQOQBgAMAAAAAQAAAAsAAgABAAAADwABA5AG
> AAwAAAABAAAACwArAAAAAAA3AAEDkAYADAAAAAEAAAADAC4AAAAAADIAAQOQBgAgAAAAAQAA
> AB4AcAABAAAADQAAAEZpcmV3YWxsPz8hIQAAAACTBAEDkAYAGAAAAAEAAAAeAD0AAQAAAAUA
> AABSRTogAAAAAFMBAQOQBgAgAAAAAQAAAAIBCzABAAAAEAAAAMXMlNP+JtMRrlAACMfBo2Tl
> CAEDkAYADAAAAAEAAAADAAYQZtYYeOYBAQOQBgAMAAAAAQAAAAMABxAiAwAAQAABA5AGAAwA
> AAABAAAAAwAQEAAAAAAkAAEDkAYADAAAAAEAAAADABEQAAAAACUAAQOQBgB4AAAAAQAAAB4A
> CBABAAAAZQAAAE9LR1VZUy9HQUxTTk9XQUZURVJBTExUSEVOSUNFSE9ULUFJUkRJU0NVU1NJ
> T05TQUJPVVROVFZTVU5JS1NDQU5BTllCT0RZVEVMTE1FSE9XSUNPVUxEUFJPVEVDVEFXSVJF
> TEUAAAAAMh4BA5AGACgAAAABAAAAAgFxAAEAAAAWAAAAAb67Gj8805TM7Cb+EdOuUAAIx8Gj
> ZAAAVwsBA5AGAAwAAAABAAAAAwCAEP////+QBAEJAAQAAgAAAAAAAAABA5AGAAwAAAABAAAA
> CwAjAAAAAAAvAAEDkAYADAAAAAEAAAALACkAAAAAADUAAQSQBgAoBAAAAgAAABIAAAAeAAEw
> AQAAAAwAAAAnZmlyZXdhbGxzJwACAf8PAQAAAEAAAAAAAAAAgSsfpL6jEBmdbgDdAQ9UAgAA
> AABmaXJld2FsbHMAU01UUABmaXJld2FsbHNATGlzdHMuR05BQy5ORVQAAwAVDAEAAAADAAAw
> AAAAAB4AAjABAAAABQAAAFNNVFAAAAAAHgAaDAEAAAAQAAAAUGF2YWxlYywgQm9yaXMAAAIB
> GQwBAAAAXwAAAAAAAACNVUzQ7DwRzoH/CAAJsQN6AQAAAAsAAAAAAAAAMR1QYXZhbGVjHjId
> Qm9yaXMeNR1kLWNoMx42HTIxHjE2HUlEHjE3HVQxMDk3NzgeMTE2HTAxLTIzNjMzNTkAAB4A
> AzABAAAAGQAAAGZpcmV3YWxsc0BMaXN0cy5HTkFDLk5FVAAAAAADAP9fAAAAAAMA/V8BAAAA
> HgD2XwEAAAAKAAAAZmlyZXdhbGxzAAAAAgH3XwEAAABAAAAAAAAAAIErH6S+oxAZnW4A3QEP
> VAIAAAAAZmlyZXdhbGxzAFNNVFAAZmlyZXdhbGxzQExpc3RzLkdOQUMuTkVUAAsADw4AAASA
> AgELMAEAAAAeAAAAU01UUDpGSVJFV0FMTFNATElTVFMuR05BQy5ORVQAAAADAP4PBgAAAAMA
> ADkAAAAACwBAOgEABgADAHE6AAAAABIAAAAeAAEwAQAAAA0AAAAnQURNSU4uTUlTQycAAAAA
> AgH/DwEAAABFAAAAAAAAAIErH6S+oxAZnW4A3QEPVAIAAAAAQURNSU4uTUlTQwBTTVRQAEFE
> TUlOX01JU0NAdWx0cmF0ZWNoLWxsYy5jb20AAAAAAwAVDAEAAAADAAAwAQAAAB4AAjABAAAA
> BQAAAFNNVFAAAAAAHgAaDAEAAAAQAAAAUGF2YWxlYywgQm9yaXMAAAIBGQwBAAAAXwAAAAAA
> AACNVUzQ7DwRzoH/CAAJsQN6AQAAAAsAAAAAAAAAMR1QYXZhbGVjHjIdQm9yaXMeNR1kLWNo
> Mx42HTIxHjE2HUlEHjE3HVQxMDk3NzgeMTE2HTAxLTIzNjMzNTkAAB4AAzABAAAAHQAAAEFE
> TUlOX01JU0NAdWx0cmF0ZWNoLWxsYy5jb20AAAAAAwD/XwAAAAADAP1fAQAAAB4A9l8BAAAA
> CwAAAEFETUlOLk1JU0MAAAIB918BAAAARQAAAAAAAACBKx+kvqMQGZ1uAN0BD1QCAAAAAEFE
> TUlOLk1JU0MAU01UUABBRE1JTl9NSVNDQHVsdHJhdGVjaC1sbGMuY29tAAAAAAsADw4AAASA
> AgELMAEAAAAiAAAAU01UUDpBRE1JTl9NSVNDQFVMVFJBVEVDSC1MTEMuQ09NAAAAAwD+DwYA
> AAADAAA5AAAAAAsAQDoBAAAAAwBxOgAAAAAlzw==
>
> --openmail-part-003a5048-00000001--
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
have fun ...
--
=========================================================================
Peter Bruderer mailto:[EMAIL PROTECTED]
Bruderer Research GmbH Tel ++41 52 620 26 53
IT Security Services Fax ++41 52 620 26 54
CH-8200 Schaffhausen http://www.bruderer-research.com
=========================================================================
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
