Re: Wireless Security

[Ian McDonald <iam () ST-ANDREWS AC UK>]

SecureW2. (windows/ windows mobile) (free)
PalmOS Enterprise Wireless (for palms). (That's about $10 IIRC).
iCobblers will apparently do WPA(2)-Enterprise soon.

--
ian


Daniel Bennett wrote:
> You want to do what we are currently in the middle of doing. We had a 
> wide open wireless for a while and soon it is being converted to 
> WPA/WPA2 and 802.1x Authentication using PEAP with MSCHAP v2. We use 
> Cisco APs as well and we have 2 WiSMs that we manage them with. It 
> appears to be working great. We have 2 2008 Servers running NPS for 
> Radius authentication for 802.1x. The only down fall that we have had 
> is PDAs. I think it is a compatibility issue with CISCO APs, WiSM, or 
> something that PDAs that support WPA or WPA2 encryption can’t 
> authenticate. We can get PDAs to associate to the APs but that is 
> where they stop. So to fix that problem we have a special dumbed down 
> network for those with Internet Only access.
>
> If anyone knows of any 3^rd party, possibly free, pda authentication 
> application that would help use with 802.1x authentication that would 
> be great. Like I said we run a WPA/WPA2 AES encrypted wireless with 
> 802.1x authentication using PEAP.
>
> *Daniel R. Bennett*
>
> /CompTIA Security+/
>
> */Information Technology Security Analyst/*
>
> Pennsylvania College of Technology
>
> One College Ave
>
> Williamsport, PA 17701
>
> (P) 570.329.4989
>
> *From:* The EDUCAUSE Security Constituent Group Listserv 
> [mailto:SECURITY () LISTSERV EDUCAUSE EDU] *On Behalf Of *Entwistle, Bruce
> *Sent:* Thursday, May 29, 2008 5:22 PM
> *To:* SECURITY () LISTSERV EDUCAUSE EDU
> *Subject:* [SECURITY] Wireless Security
>
> We will be installing a wireless network in our on campus residence 
> halls this summer. As part of the project we are also looking to 
> increase security on our wireless network. Our current security policy 
> is all wireless users must authenticate on to the network which is 
> controlled by out Impulse NAC. Once connected, network access is 
> limited by access lists for the VLANs. Our current network consists of 
> Cisco 1200 APs which are managed by a WLSE appliance. We are looking 
> to go to encrypted connections, along with looking at other 
> alternatives for authentication such as 802.1x. I am looking to find 
> what others have done in similar implementations, both success and 
> failures, along with the challenges associated with such a project.
>
> Thank you
>
> Bruce Entwistle
>
> Associate Director Enterprise Services
>
> University of Redlands

--
ian

Ian McDonald, ITS, University of St Andrews
T: +441334462779 F: +441334462759
The University of St Andrews is a charity registered in Scotland: SC013532