Solved

Need recomendation for Wireless Security Authentication beyond WPA...

Posted on 2011-03-23
2
279 Views
Last Modified: 2013-12-09
Greetings EE gods...
I'm being asked to deploy a wireless solution in a business building.
I have the nominal access point security done for WPA through the various access points throughout the building, but I am not feeling comfortable.
I am inquiring on a second level of protection.

Some times, when I log into a Wireless lan, I find myself on a web-based authentication past that in order to get to the network.  Can I get some recommendations for that?
IE...an automatic domain logon, etc....

Thanks
Evan
0
Comment
Question by:Evan Cutler
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 46

Accepted Solution

by:
Craig Beck earned 500 total points
ID: 35202610
The web-authentication you've seen is usually implemented in Guest-Wireless scenarios, where the wireless is completely unsecure (not encrypted).

If the WLAN is for business use only (only employees) you should look at WPA2-Enterprise.  This uses a RADIUS server to authenticate users and can provide extremely secure transmission when used with AES instead of TKIP.

AES is FIPS 140-2 compliant, which basically means the US DoD trusts its integrity and encryption capabilities.

I would look at implementing a firewall for wireless clients in addition to good encryption.
0
 
LVL 9

Author Closing Comment

by:Evan Cutler
ID: 35833409
Thks
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If you are looking at this article, you have most likely been hit by some version of ransomware and are trying to find out if there is anything you can do, or what way you should react - READ ON!
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question