nanog mailing list archives

Re: Recommended wireless AP for 400 users office


From: Paul Nash <paul () nashnetworks ca>
Date: Wed, 4 Feb 2015 08:48:53 -0500

It’s the “remote capture” that scares me.

I was testing some Meraki kit, called their NOC to try to debug some RADIUS issues, tech tells me “oh yes, I can see 
your traffic going hither and yon between the test client and test server that are both in your office, and looking at 
the packet contents I can see ….”

With Ruckus (or almost any other) gear, I have to either open up a hole through my firewall or grab the packet traces 
and send them to the tech folk.  They don’t have uncontrolled access to my internal traffic out of the box.

        paul


On Feb 4, 2015, at 8:31 AM, Ray Soucy <rps () maine edu> wrote:

Honestly, in a lot of cases you don't even need a device to support
packet capture as a feature to add it as a feature once it's
compromised.  This is just FUD IMHO.

On Wed, Feb 4, 2015 at 7:24 AM, Paul Nash <paul () nashnetworks ca> wrote:
I love the built-in remote packet captures,

You, the NSA, and lots and lots of hackers, ALL love the remote packet capture.  If Meraki support can turn it on, 
so can someone who penetrates their systems (by getting a job there or by hacking), and then they get to see 
everything happening INSIDE your network.  Not just your WAN traffic, which would be bad enough.

       paul



-- 
Ray Patrick Soucy
Network Engineer
University of Maine System

T: 207-561-3526
F: 207-561-3531

MaineREN, Maine's Research and Education Network
www.maineren.net

