Re: [fw-wiz] Discretionary WiFi Access
From: Josh Welch (jwelch_at_buffalowildwings.com)
Date: 07/08/05
- Previous message: Kevin: "Re: [fw-wiz] Discretionary WiFi Access"
- In reply to: Dave Null: "[fw-wiz] Discretionary WiFi Access"
- Next in thread: Paul D. Robertson: "Re: [fw-wiz] Discretionary WiFi Access"
- Reply: Paul D. Robertson: "Re: [fw-wiz] Discretionary WiFi Access"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: firewall-wizards@honor.icsalabs.com Date: Fri, 08 Jul 2005 09:40:24 -0500
Dave Null wrote:
> Its not firewall related, but there's some smart minds on this list.
> My company has started looking into campus-wide WiFi. I'll keep my
> personal feeling on this to myself though. One thing that keeps
> comming up is that one of the largest user communities that would take
> advantage of this would be non-employees. Vendors, Salesmen, people
> meeting with GMs/VPs/Execs are probably going to be the main users of
> this. My question is, if you currently have a similar situation in
> your work environment, how do you handle granting these people
> temp/guest WiFi access.
>
> Access controls for employees can be fairly stringent (i.e. only
> connect from company owned assets who's MAC is inventoried, use of 2
> factor authentication, etc), but a lot of this isnt applicable for
> temporary visitors. I know one company that would give you a WiFi card
> when you signed in that was in their database of 'allowed' MAC
> addresses (I know, dont get me started on MAC spoofing), however I
> would bet cash money that those cards walked away regularly. Similar
> thing with issuing a temporary token fob (SecureID or the like).
>
> I know the easy answer here is 'Dont give them WiFi access', but I
> don't think that is going to be an option. Thoughts, comments, flames?
>
> -noid
I have setup an access point outside of our firewall for this express
purpose. It is wide open and I simply monitor port usage to keep an eye
out for any abuse, it hasn't been an issue so far.
Josh
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Previous message: Kevin: "Re: [fw-wiz] Discretionary WiFi Access"
- In reply to: Dave Null: "[fw-wiz] Discretionary WiFi Access"
- Next in thread: Paul D. Robertson: "Re: [fw-wiz] Discretionary WiFi Access"
- Reply: Paul D. Robertson: "Re: [fw-wiz] Discretionary WiFi Access"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
