IMHO I think you should have encryption on the air - the traffic is too
easy to sniff when in clear. This can be done via VPN: IPSec, PPTP or
even SSL based. Or if want strong policy enforce the use of only secure
protocols on wireless. You do not mention traffic restrictions - so
above might depend on what policies you apply.
Re WEP key distribution - tricky to manage when you want to change it ..
and to disseminate again ..
Broadcasting SSID is probably not a major security issue - since it's
easy to find out anyway, but if you want you could do so ..
Good luck George
> We have just installed a large Alcatel wireless network within our halls of
> residents, at present the access points and bridges broadcast their SSID,
> this system is not encrypted but users are authenticated via a Bluesocket
> box.
>
> Should we think about disabling the SSID or provide an additional WEP
> encrytion?
>
> Many thanks
>
> Richard Corn
> IS Manager
> Bishop Grossetetse College
> Lincoln
|