Jason,
There is an assumption in my answer that I forgot to mention:
One can decrypt the traffic of another user with WPA2-PSK if one knows the
passphrase of that particular WPA2-PSK network.
This doesn't mean that WPA2-PSK is broken, but that in a large environment
where everyone knows
the
To add to what Philippe said, WPA2-PSK is officially called WPA2-Personal. It
is meant for home use where there is no authentication infrastructure.
The WPA2-Enterprise system requires an 802.1X authentication infrastructure for
support and it offers higher security than WPA2-Personal.
We have found RADIATOR to be very flexible and configurable. We are using it to
implement our own version of vlan pooling since Meru doesn't have that
feature.
One caution, we run RADIATOR on windows servers (because we do AD
authentication) and there is the potential for you to have