Re: Linksys wireless router use in SBS 2003 network
- From: "Dave Nickason [SBS MVP]" <gwdibble@xxxxxxxxxxxxxxxxxxxxxx>
- Date: Sat, 18 Oct 2008 14:48:03 -0400
Just to throw in my $.02. I have a secure wireless network attached to my SBS LAN, using a 3Com business-class AP and the method in Owen's doc that Merv pointed to earlier. Only domain-joined clients can access this.
I have a SonicWall firewall device that has an "opt" port that can be configured separately from the LAN. Connected to the OPT port is a basic AP with no security, for guest Internet access or whatever. That's the one people access from the parking lot or whatever, but I don't care because the SonicWall explicitly blocks access to the SBS network from the public wireless network.
The only non-domain client PC that can access the SBS network is my personal laptop, but I have to plug in a cable. I can't connect it to the SBS LAN wirelessly unless I join it to the domain.
I would ask your customer if he would let a visitor sit down at a business PC and take care of their banking, e-mails, or whatever. If the answer is no, he should equally not allow them LAN access with their own PCs. Even if he trusts these people implicitly, he's not only trusting their honesty, he's also trusting their computer skills, their AV and spyware vendor, and their 16 year old porn browsing kids. I understand the pressure to provide employees and guests with personal-use Internet access, but IMO such access needs to be isolated from the business domain.
"Frank" <ffarero@xxxxxxxxxx> wrote in message news:48f9d8f4$0$13068$9a6e19ea@xxxxxxxxxxxxxxxxxxxxxxxxxxxx
Thanks James and Merv,
I have setup wireless access on another clients SBS network the right way. But this client is insistant on 1. using the routers without proper setup (Configured for AP) 2. Allowing staff to use ther personal laptops for instaed of using the dektop PC's assigned to them.
When I asked about the laptops he stated that he wanted to make their life easier for them. So be it! I am going back onsite on Monday to try to comprimise with him by strongly suggesting that the wireless segment be setup IAW current published standards.
"Merv Porter [SBS-MVP]" <mwport@xxxxxxxxxxxxxxxxxxx> wrote in message news:e4QOMuRMJHA.5840@xxxxxxxxxxxxxxxxxxxxxxxHi Frank,
(What James said). I think consumer routers (or WAPs) for guest access can be OK if set up properly. No, they may not have all the firewall features and logging capabilities of a more expensive "commercial" router, but they can offer good value at a cheap price. It really depends on the individual client's security needs and risk tolerance.
Owen Williams created a very good document to explain how to set up secure wireless access for SBS:
Configuring Secure Wireless Network Access with Microsoft® Windows® Small Business Server 2003
http://home.comcast.net/~clearviewtc/
--
Merv Porter [SBS-MVP]
============================
"Frank" <ffarero@xxxxxxxxxx> wrote in message news:48f926b0$0$13081$9a6e19ea@xxxxxxxxxxxxxxxxxxxxxxxxxxxxHi all,
A client insists on using linksys wireless routers to extend the network for wireless guests and employees and employees using their own personal laptops.
I am creating a Accepatble Use Policy for them prohibting this. Can someone give some good points on why a consumer grade router and personal laptops should not be used in a SBS network? ssecurity vulnerabilities, etc,etc
Thanks,
Frank
.
- Follow-Ups:
- References:
- Linksys wireless router use in SBS 2003 network
- From: Frank
- Re: Linksys wireless router use in SBS 2003 network
- From: Merv Porter [SBS-MVP]
- Re: Linksys wireless router use in SBS 2003 network
- From: Frank
- Linksys wireless router use in SBS 2003 network
- Prev by Date: Re: Linksys wireless router use in SBS 2003 network
- Next by Date: Re: Cannot delete files even after taking ownership and replacing
- Previous by thread: Re: Linksys wireless router use in SBS 2003 network
- Next by thread: Re: Linksys wireless router use in SBS 2003 network
- Index(es):
Relevant Pages
|
Loading
