Security Basics mailing list archives

Cisco Secure ACS vs. Firewall


From: Eric Young <schultz_young_assoc () ureach com>
Date: Thu, 24 Oct 2002 16:02:06 -0400

You could do both, but at least do the ACS.  The firewall will 
block traffic you designate, but it won't (unless it contains 
the capability of doing so beyond most firewalls) authenticate the 
wireless users.  ACS will perform the AAA - authenticating, 
authorizing, and accounting - to verify those connecting to 
your LAN.  And with wireless, you need to perform MUTUAL 
authentication - ACS would use LEAP or the newer PEAP to do 
this - these are based on the de facto pending 802.1x security 
standard (de facto since WEP is known to be generally worthless 
so most implementations use proprietary versions of EAP, like 
LEAP and now PEAP).

Putting the WLAN in a VLAN would also segment that wireless 
traffic and allow you to treat it differently once dumped into 
your core infrastructure devices.

Hope that helps.

Regards,


Eric R. Young - CCNP, CCDP, MCSE
Network Engineer / Owner
Schultz, Young & Associates
Ph./Fx. 877.651.8016
Email:  Schultz_Young_Assoc () ureach com
VCard:  www.ureach.com\schultz_young_assoc

