We have MSM765 wireless access point controllers. We have two ssids for internal and guest wifis. The internal ssid isn't boardcasted and it is configured with WPA2 (AES/CCMP) and the key source is set to Dynamic. We have MAC address list configured on proxy which can only use the internal lan.
Is there anyway we can do better to secure the network? How have you guys set up your lan and what is the benefits they way you guys set it up?
I know there are ways to MAC address spoofing and someone was saying that even after stopping the boardcasting there are ways people can find out the lan.
Please let me know.