Many WISPs use 802.11 APs and client devices since they are so cost effective. And some APs can even be bought with BW management.

However what about security?...

That is, what about WPA, WEP, and MAC address filtering.

To keep "non-customers" off my WISP system, I would have to use MAC filtering. And I can probably use MAC addressing to set BW per customer.

But...

I was told by a reseller, who resells many APs, that...

Most WISPs do not use WEP or WPA filtering because it raises the overhead and can slow the WISP system down too much. That was a surprise to me, but that sure makes sense. Looks like a WISP could really kill their BW if they used WEP and WPA on all their customers.

I'd love to hear from you WISP pros out there, to see if you use WEP and WPA security on your 802.11 compliant devices.

Now that I have heard about reduction in BW due to useing WPA and WEP, I guess I don't want to use that in my WISP system.

But it would seem to open up security issues with WISP customers. What does a WISP customer do to have security in a wireless system? Someone with a sniffer could easily see what a WISP customer was sending and receiving.

Of curse one way to get more security is to use a propritary 2.4 G system (at a higher price of course).

I guess the WISP customer would be ok if he was sending credit card info, as long as it was encrypted. Can email be encrypted sending and receiving? Then the email can be secure also.

I'll need to be up front with my customers about where they can feel secure in a WISP system and where they can't.

What do you tell a customer if they are concerned about security on your WISP system, due to not using WEP or WPA?

I'm not a WISP, but I've talked to many of them. Most hold that they do not need security since either:

1. The traffic is going out on the Internet anyway. (Yeah, but when your customer learns that I can read all of his emails from any nice spot downtown....)

2. Security is built in - DSSS. It's high security for comms like the military uses and cannot be decoded without the proper secret decorder ring (available at Wal-Mart for $39.95...)


Personally, I am dumbfounded that WISPS have not been the subject of one of the many "TV Station Wardrives" that I still see from time to time where someone takes a reporter out to see which local businesses have insecure WiFi. Can you imagine if one was on the 6 o'clock news with a hacker telling everyone that all of the customers of that WISP are blasting their emails and other internet traffic all over town for anyone to read? That WISP, I have to believe, would go out of business that very week.


- Joe

Hi Joe Tampa:

Thanks for your post.

I have since heard that it's possible to get some kind of security certificate for their emails for their POP3 email or Web based email.

And if they need to give their credit card number, they use some kind of secure connection.

So it looks like most sensitive things can be made secure anyway.

I guess its possible to still see where they are browsing.

I need to learn more about the certificates that can make things they send secure.

What about incoming email from clients? Can't secure that on their end.