Firewall Wizards mailing list archives
DMZ Ideas
From: <firewalladmin () bellsouth net>
Date: Thu, 30 Sep 2004 15:58:41 -0400
Hi All: I am looking for some unique suggestions for a sitaution developing here at my place of employment. A contractor is being hired to set up some wireless stuff for RF tagging (bar code tracking stuff for shipping/receiving). They will be placing readers that send data to Wireless Access Points, which then need to terminate in a DMZ of some sort before it enters the LAN. We will require them to use encryption and MAC filtering along with the appropriate measures to secure the distance/range of the wireless signal to within the confines of the compound. My question is this - What would make a good DMZ for this setup? We have a few suggestions up in the air and it's all prliminary stuff right now. Some ideas are VLAN's (in my opinion too much management overhead, room for error and not necessarily very secure), seperate subnet on router, etc. The tough part is what do we filter the traffic by? There is no "user" to authenticate, only unmanaged readers/devices. The site is the size of a big college campus, so separating the devices onto a seperate backbone/subnet will be physically difficult and expensive as well. All suggestions are appreciated. Thanks, Mark Mark F. MCP, CCNA "You can spend your life any way you want... But you can only spend it once." _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- DMZ Ideas firewalladmin (Sep 30)