Educause Security Discussion mailing list archives
Re: WEP
From: Dean De Beer <ddb () PLAZACOLLEGE EDU>
Date: Wed, 13 Jul 2005 09:23:30 -0400
Hi Chad, We never used WEP. We found that deploying a wireless infrastructure using WEP was simply not viable. Security concerns aside, distributing keys and dealing with help desk calls would have been impractical. The I.T. Staff is just too small. We decided on open APs with wireless gateways (Bluesocket) between the WLAN and LAN. Authentication is via RADIUS with IPSec VPNs for all administrative staff. Students never needed to be given new passwords, etc.. as their existing logins were used. We found education through the use of wireless policies helped by explaining the security issues with wireless such as unencrypted data easily sniffed, etc... and offered options such as SSL, VPN, etc... We currenly have a distributed Kismet IDS system in place but we are looking at Wireless IDS/IPS products like BlueSecure, Airmagnet and RF Protect to provide an additional layer of security. Cheers, Dean -----Original Message----- From: Chad McDonald [mailto:chad.mcdonald () GCSU EDU] Sent: Wednesday, July 13, 2005 8:47 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] WEP Understanding that WEP is relatively easy to crack, how many of you have moved away from WEP as an addtional layer of security for your wireless networks? What was your reasoning for doing so? Thanks, Chad McDonald, CISSP Chief Information Security Officer Georgia College & State University 478.445.4473 Office 478.454.8250 Cell 478.445.1202 Fax
Current thread:
- WEP Chad McDonald (Jul 13)
- <Possible follow-ups>
- Re: WEP Dan Updegrove (Jul 13)
- Re: WEP Alt, Brandon C. (Jul 13)
- Re: WEP Christopher E. Cramer (Jul 13)
- Re: WEP Dean De Beer (Jul 13)
- Re: WEP Brenda B Gombosky (Jul 13)
- Re: WEP Penn, Blake (Jul 13)
- Re: WEP Chris Steele (Jul 13)
- Re: WEP Gaddis, Jeremy L. (Jul 15)
- Re: WEP Koerber, Jeff (Jul 18)