WEP is definitely not perfect, and we don't recommend anyone passing sensitive data over the wireless network.
Yes VPN is definitely secure, however but you have to think about now you're requiring the end user to have a piece of software installed on there machine on top of ensuring the wireless card is properly setup... Do you leave Allow Broadcast SSID to Associate so that most cards by default can pick up the wireless network? I would be interessted to see the difference in responses from schools in a major city vs other schools. I can stand in my office and pickup at least 2 other wireless networks (not on our network) and if I go down to the street corner I pickup anywhere between 5-10 different access points. 802.1x would be great if all cards supported it... Maybe someday in the perfect world they'll ratify a standard for securing wireless that was meant to secure wireless!! Nicola Foggi Networks and Telecom DePaul University >>> [EMAIL PROTECTED] 11/21/02 21:12 PM >>> Agreed! Besides the proprietary stuff, WEP 128 has security problems that are well documented. We use VPN all the way - encrypted to the key stroke. We also consider a move to 802.1x, but are waiting for the complimentary (802.11stuff) that's coming. So, to answer the other questions: 1) We don't do WEP, since we feel it's not worthy, and not worth the risk. 2) VPN all the way. We have a "Knowledge Base" web site that gives users directions on configuration, that seems to work even at the knucklehead level (I did it on my own, first try). 3) No DHCP for wireless. 4) No charge. We currently have Orinoco (~300 nodes on two campuses), but are awaiting RFP results, and intend to expand to 1500 by Summer of 2004. 802.11b until 802.11g is ready. Kirt Guinn Wireless Project Manager Indiana University ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/memdir/cg/.
