RE: Wirless LAN

Tue, 24 Jun 2003 15:05:48 -0700 

  There are two basic approaches to this:

1. Install one of the several GOOD "wireless switch" back-end boxes,
which handle the login and enforce per-user (by group or role) traffic
restrictions.  Some of these offer advanced features, such as allowing
users to roam from one AP to another without re-authenticating.

2. Group access points on different VLANs, according to the rights
users need.  Require some kind of login to access out of the VLAN.
This is clumsy and awkward and horrible; be aware that a few "wireless
switch" products just use the user login to group clients into VLANs,
and expect your core inter-VLAN routing access lists to do all policy
enforcement...

  [I'd prefer not to name names, but watch for boxes that boast how 
many VLANs they allow.  Oh, and note that on some boxes, roaming *may*
require proprietary APs made by the switch manufacturer.....]

David Gillett



> -----Original Message-----
> From: Potter, Tim [mailto:[EMAIL PROTECTED]
> Sent: June 18, 2003 13:08
> To: [EMAIL PROTECTED]
> Subject: Wirless LAN
> 
> 
> We're going to be taking the dive on a WLAN here soon.  We have two
> floors and two wings on each floor.  I'm thinking of 2 access 
> points per
> wing.  My question, is that I'm looking for opinions on how 
> best to set
> this up security-wise.  I've been reading a lot about this lately, but
> maybe someone on this list has set this up and give me some input.  My
> Wireless knowledge is probably a 4 (out of 10).  Thanks,
> -Tim
> 
> --------------------------------------------------------------


---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
     
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
          
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------

Reply via email to