Scott, I'd raise one important issue with regards to your evaluation and potential deployment of WLAN to bridge the LANs between two buildings. You should consider the impact this type of deployment would have on the confidentiality of data passes between the two buildings. As you cited there has been much discussion in professional forums and the general media as to the relative strength of the crypto in WEP. Various researchers have demonstrated WLAN data path vulnerabilities. Vendors have implemented new technology so as to improve security. It goes back and forth. But, because of the business that you seem to be in (based on your mail address and signature) you need to consider the implications of recent HIPAA (Health Insurance Portability and Accountability Act of 1996) legislation here in the US.
My advice to you as a Network Administrator is to consider whether by implementing a WLAN solution you are maintaining, improving or lessening the confidentiality of any and all data on your network. Given the current legislation my advice to you would be strongly reconsider any project that could be seen (later in review) as lessening the confidentiality of any and all data on your network. As you pointed out in your message; you already know about WLAN vulnerabilities. Unless you specifically document and address how you intend to respond to those vulnerabilities in your implementation, I'd advise you to stay put or find another way. This is just one person's opinion. I hope you find this information helpful. Liberty for All, Brian P.S. For more information about HIPAA a site that I found useful is: http://www.hipaa-iq.com At 01:19 PM 3/15/2002 -0800, Scott Overfield <[EMAIL PROTECTED]> wrote: >Message: 8 >From: Scott Overfield <[EMAIL PROTECTED]> >To: "Firewalls ([EMAIL PROTECTED])" <[EMAIL PROTECTED]> >Subject: Wireless LAN security >Date: Fri, 15 Mar 2002 10:28:30 -0500 > >Good Morning, >My employer and I have been discussing the option of purchasing a Lucent >Orinoco system to replace the current ADSL line between our two buildings, >which are only about half a mile apart, with a clear line of >site......However, I have very little experience with wireless, and I >understand WEP is easily cracked...does anyone on the list have any >experience with these devices, and how they can be secured? Any suggestions >or links that you can pass along I would appreciate very much...... > >******************************************** >Scott Overfield >Network Administrator >Gratiot County Community Mental Health >989-466-4109 >[EMAIL PROTECTED] _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
