RE: Cisco Aironet Wireless Security

[shankarnarayan.d () netsol co in]

Al,

Enable PSPF (don't know what that expands to.........), but it is supposed
to prevent people on the same Access Points from seeing each others' data/
accessing each others files. This feature is available only on Cisco Access
Points and hence if you have other Access Points, you cannot enable it. 

This feature was specifically designed for the Hotspot type of environment
by Cisco. 

Rgds,
Shankar

-----Original Message-----
From: Al Cooper [mailto:alc () tlynx com] 
Sent: Friday, June 18, 2004 6:54 PM
To: security-basics () securityfocus com
Subject: Cisco Aironet Wireless Security

I have inherited a project that is a hotspot using multiple Cisco Aironet
Access Points.  The security concern is having users being able to "see"
each other.  They would like all users to be able to sign-on to the network
without needing to turn off file sharing on the user's computer and have
them "safely" surf the Internet without fear of another local user accessing
their files.  The hotspot is behind a firewall (PIX) so visibility from the
Internet is already addressed.

It appear that the Aironet will accept access lists.  Is this the best way
to provide the security or is there a better way?  Are there any 3rd party
packages that can provide this security?  

Thanks for any advice you can offer,

Al 


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the
skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------