Wireless Network Security - Using Firewalls for Authentication
Posted on 2006-03-28
We are adding wireless capabilities to our office network to allow the laptops easier access to our network resources. Like many, I have read about all the security vunrabilities etc and how to overcome most of them.
What I am considering is adding a firewall specifically for the access point, so the connection would look something like this:
[Client] ---) [WAP] ---> [Firewall] ---> [Network]
---) is wireless
---> is copper
The main reason why I want the firewall there, is in addition to the intial installation of the WEP key, I would like to have the users authenticate with the firewall to allow traffic the first time they try to access the network. I put this in a different prespective, I would see it as:
1) User turns on their laptop
2) User logs into their laptop
3) User tries to access the internet or network resources, and this is where the authentication with the firewall would take place
4) User goes about their day
5) User powers down their laptop, and authentication is lost, so the next powerup they will need to authenticate again.
If this is at all possible, what would be a good firewall or similar appliance to get the job done? (Given that there would be 30+ users, authentication is required, etc). Features such as user ability to change own password, inactive timeout etc would be a bonus!!!!
Or would their be an appliance out there that is a firewall, wireless access point, etc all-in-one?