We're currently considering rolling out WLAN to one of our departments (40-50 users, office apps only).

Current thinking is Cisco Aironet 350s with MIC broadcast key rotation using a Radius server and WEP key hashing.

Is there anything this won't cover security wise? What management systems are out there to prevent rogue APs?

Cheers
Tim

Tim

Take a look at the newer Cisco 1100 series too. This is an IOS based AP which will give you a lot more flexibility than the AP350. However, it only comes with captive antennas. The 1200 series would allow you to get external antennas.

Also keep in mind that with a Cisco LEAP solution, you have to buy Cisco wireless cards. This can be difficult for some devices that you can't get a Cisco wireless card for (e.g. Symbol handheld scanners). Overall though, the Cisco LEAP solution is a good solution as long as you do enable Message Integrity Check, rotate the WEP keys, and authenticate to a Cisco ACS server.

Get yourself an Airmagnet for the rogue AP problem. You can enter a list of "approved AP's" in the ACL tool of the device and then any unauthorized APs will cause an alert.

Regards

-Darold