Setting up new 3com Wireless Network in Large Corporate Bldg

More of a planning question here.  I am in charge of setting up a multiple AP (we already have a few #com 8750 AP's)  or Antenna alternative wireless network in a 500+ user environment.  Essentially, I would like some advice on setting up the AP's, and\or Antenna's to have seemless roaming access to the same SSID's without having to change anything on the laptops.  The bldg is narrow and straight with multiple walls and more than 5 AP\Antenna will have to be used. All machines are running winXP, some SP2, some SP1.  So onto the question.  

What is the best hardware to buy?

What Security should be set?  (right now, we have Shared\WEP with MAC filtering)

If we use WEP with MAC filtering, I don't really want to add 200 users to each AP, is there another way?

Thanks,

jingalingAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

JFrederick29Commented:
Cisco Aironet 1200's are really nice, I have had great success with them but if you are already using 3Com you will probably want to stick with the same model to keep everything standard.  Centralized authentication using a RADIUS server is probably the way to go.  All clients will authenticate to the RADIUS server and all administration is performed on the RADIUS server easing adminstration.  Hopefully the 3Com's you are using have support for RADIUS, I know the Cisco Aironet's do.
0
jingalingAuthor Commented:
The 3com supports Radius, however, I don't have any experience with it.  If  I use RADIUS, what security will be enabled to protect the WLAN?
0
JFrederick29Commented:
RADIUS will be used for authentication purposes, you will still need encryption to protect your wireless data from being intercepted.  You could use WEP encryption but you may want to look into using WPA instead to complement RADIUS authentication.

http://www.weca.net/OpenSection/pdf/Wi-Fi_Protected_Access_Overview.pdf
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

jingalingAuthor Commented:
Pardon my ignorance for the subject, but will the RADIUS server have to be in a certain area, or can we put it with the rest of the servers?  Also, is there an easy way to encrypt data without MAC filtering on every AP?
0
JFrederick29Commented:
RADIUS is a protocol, you can use IAS on a new or existing Windows server.  RADIUS provides authentication so you really don't need to use MAC filtering.  If you go the RADIUS method, don't even bother with MAC filtering.

http://www.microsoft.com/windows2000/technologies/communications/ias/
0
PennGwynCommented:
MAC filtering doesn't do encryption.  All it does is require an attacker to sniff some of your client traffic to learn some accepted MACs, and configure his wireless card to use one of them.  That's not much of a hurdle.

You still want to use AT LEAST Shared\WEP, and WPA would be a better choice.

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Routers

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.