Are you suggesting single DES? I wouldn't recommend that. Go with 3DES or AES.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dennis Burgess - 2K Wireless Sent: Monday, November 27, 2006 5:33 PM To: 'WISPA General List' Subject: RE: [WISPA] Wireless Security biting you in the ass? John, Do you have a listing of HIPPA security needs? One thing you can do is provide a secure tunnel, IPSEC is best, or a security on top of security approach. This tunnel will run from your customer equipment, his hospital, etc, to your boarder router etc that is connected via fiber or land line. At that point it is as secure as you can get it. So, if you use WEP, Ya security sux, but then put IPSEC inside that WEP packet, now you are talking. T1s can be tapped, seen it done. So with the WEP and IPSEC you are always talking secure. Add on top of that, the application, and whatever it uses for security, HTTPS, etc. It's a custom solution to a simple problem. The only thing now that they could complain about is what about someone sitting in the parking lot listening to packets sent and received. Can they do that with a T1 etc, well, ya you can TAP a T1, usually done on the switch side of things? All you can do then is maybe offer a dedicated backhaul to them, with a proportery protocol, something like Nstream would work, so now you have Nstream, running WEP encrypted packets that has IPSEC packets inside that. If the break it, they should get the data for the work they had to do. Or put up something like a optical service if you are close! That would eliminate that. Another question I would have to ask is, how secure is cable or DSL? Figure this, DSL lets every customer off of their DSLAM to coomuncate to each other, so does cable. If someone had the right cable modem and off the same segment, sure, they can capture every package that is going across the cable line! Thoughts. Dennis Burgess, MCP, CCNA, A+, N+, Mikrotik Certified [EMAIL PROTECTED] www.2kwireless.com 2K Wireless provides high-speed internet access, along with network consulting for WISPs, and business's with a focus on TCP/IP networking, security, and Mikrotik routers. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Scrivner Sent: Monday, November 27, 2006 4:17 PM To: wireless@wispa.org Subject: [WISPA] Wireless Security biting you in the ass? Wireless broadband security issues have now officially led to my business being put into a bad light due to perceived lack of security. I am a member of a regional broadband planning group that is working with health care and other industry sectors to help deliver broadband options to all areas that need it. Rural Health centers and hospitals are all over the region and most need access to broadband which is highly secure. I need to know what others have done to bring HIPAA compliance assurance to network administrators and hospital personnel so that your solutions are chosen and used for health care connectivity. Currently my services are not being considered do to the perception of a lack of HIPAA security compliance. I need to get on top of this right now and welcome your thoughts and ideas. I would prefer to hear from those of you who have some actual knowledge of delivering HIPAA compliant connections or those who provide equipment which has been documented to meet HIPAA compliance. Thank you, John Scrivner -- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ -- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ -- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/