Queeg
07-20-2007, 04:13 AM
we use a number of cisco 1100's and 1200's to extend our LAN.
currently, to get onto the WLAN, we use open authentication with a mandatory WPA PSK that is unknown to the user - preconfigured by tech support before PC, Laptop goes out to user.
key rotation is enabled and updates every 5 minutes and data encryption is aes ccmp + tkip
i had plans to tighten security by using open auth with mac address, however reading some of ciscos own papers, it seems that mac authentication and WPA are no longer compatable and mac authentication on its own is considered unsafe.
what should i do to tighten security? IAS & AD?
please help
currently, to get onto the WLAN, we use open authentication with a mandatory WPA PSK that is unknown to the user - preconfigured by tech support before PC, Laptop goes out to user.
key rotation is enabled and updates every 5 minutes and data encryption is aes ccmp + tkip
i had plans to tighten security by using open auth with mac address, however reading some of ciscos own papers, it seems that mac authentication and WPA are no longer compatable and mac authentication on its own is considered unsafe.
what should i do to tighten security? IAS & AD?
please help