[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Secure WiFi for small business

Posted on 2009-04-30
8
Medium Priority
?
477 Views
Last Modified: 2013-12-27
Hi,
We are considering implimenting WiFi at our business.  Although we have a small business, there is a lot of sensitive data.  Questions.  How would you impliment it?  We have cisco asa and most of the switches here are unmanaged.  Should I create a DMZ  or VLAN and then try to put a home grade wireless rourter here?  Are there any products out there can incorportate AD security here so only the people who are in the domain can log on?  Mac address is just too much of a pain the have to check all of them.  Is there a reasonable intelligent wifi hardware that can do the work.  We are a windows shop but don't have enough cash or man power to impliment any thing too exensive.  Thanks
0
Comment
Question by:nkuo
  • 5
  • 2
8 Comments
 
LVL 6

Expert Comment

by:jpquonce
ID: 24270638
I don't think there is anything with AD integrality as it wouldn't be able to tell if you AD unless you already logged on which would also mean they are already hooked to the wireless.

I would suggest getting a small wireless router like you were saying and set it up using WPA security. So basically the would see the network but they would need the password that you provide them to connect to it.

That would defiantly be the easiest and most secure way to do it with you setup.
0
 

Author Comment

by:nkuo
ID: 24270770
I'm trying to aviod the single password thing.  I would like to track if there are any illegal access.  
0
 
LVL 14

Expert Comment

by:Roachy1979
ID: 24270973
You need to set up an IAS server that can read AD user accounts.  See http://technet.microsoft.com/en-us/library/cc780214.aspx?ppud=4

and http://technet.microsoft.com/en-us/library/cc776984.aspx

You need to source a Wireless Access Point that supports RADIUS authentication....

Hope this helps...
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 

Author Comment

by:nkuo
ID: 24271007
ahhhh, was hoping there is a cheaper way.  doens't look like it though.
0
 

Author Comment

by:nkuo
ID: 24271027
Anyone knows a good open source solution?
0
 
LVL 14

Accepted Solution

by:
Roachy1979 earned 2000 total points
ID: 24275102
Sorry - I assumed since you were working with AD you'd prefer an MS solution....

My preferred option would be to implement something along the lines of a freeRADIUS server to handle the authentication.....again a radius compatible access point is necessary....

The other...and possibly cheapest option is to set up a pfsense box as your gateway device and use Captive Portal to secure and limit wireless clients.  This handles local authentication well....

check out http://www.pfsense.org for details of the firewall/gateway (it's open source and free!) and to see a  video on the captive portal feature, check here
http://computerproonsite.com/Captive_Portal.htm

Hope this helps!!

0
 

Author Comment

by:nkuo
ID: 24275308
Yeah I would pefer ms but cost too much.  
0
 

Author Comment

by:nkuo
ID: 24275310
Yeah I would pefer ms but cost too much.  
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

With the purchase of CloudCommand by Comcast customers are left in a bind as subscriptions expire and render the AP's disabled. The following will explain how to flash your Ubiquiti AP's with CloudCommand firmware back to Ubiquiti firmware. HOWTO…
Today sees the launch of a new case study, focusing on BYOD technologies we have been working with for some time now.  But with the advent of 802.11ac wireless technologies and the story behind our landmark developments, we would like to share this …
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Suggested Courses

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question