WLAN in a secure SME environment

["Shaineel Singh" <ssingh () kbs net au>]

Hi,

I am in the process of providing a solution for an SME that currently
employs both wired and wireless clients. I can provide rudimentary
security for the WLAN by hardcoding MAC addresses on the AP and
disabling DHCP amongst other methods.

My question to the list is this, besides making sure that very little
information is sent via cleartext in wireless mode to circumvent
wireless sniffing, etc. what sorts of methods could I use to effectively
segregate the WLAN and LAN? We are talking about a M$ environment with
winXP being the operating system on most laptops and workstations. Would
it be easier to just have a VPN setup when clients are forced to use
wireless as their access method?

Shaineel Singh
p: +61 411 046 935
e: mailto:ssingh () kbs net au
w: http://203.220.32.126/~ssingh/ 

pgp: 91AC 0F02 B206 36F9 F414  D1EE 8545 94F0 7804 A1EF