[unisog] VPN Protection of Wireless Networks

Jose A. Dominguez jad at network-services.uoregon.edu
Thu Dec 13 21:26:50 GMT 2001


On Thu, 13 Dec 2001, Gary Flynn wrote:

> 
> In October I asked about vendor lockins on various security options 
> for wireless networks.  VPN protection was mentioned quite often. 
> From my reading, effective VPN protection would require each individual 
> user to have a unique key or digital certificate. Are people actually 
> doing that? If so, how are you handling the administration of handing 
> out and revoking keys and certificates? What, if anything is done to 
> educate the end user of the importance of keeping them secret?
> 

Having certificates would be nice but it's not arequirement. You can do
that with Radius and standared username/password pairs. It'll all depend
on what tunnel termination device you use.

We have decided not to use a VPN for our Wireless network and leaving it
up to the users to provide/use secure protocols. We do have SSL
authentication to make sure that only authorized users will connect.

We had everything all planned but some of our more vocal users made the
management backdown from our highly secured network plans. It all had to
do with client support and most VPNs will be limited in that sense right
now.

Oh well, maybe in the future we'll be able to provision a secure wireless
network.

José.



More information about the unisog mailing list