It has come to my attention that with my previous post about wired guest access, I might as well clarify a little about Cisco's wireless guest access.
Cisco's wireless controllers have the ability to "anchor" wlans to a specific controller. I'm think from a Route/Switch perspective there is some benefit to this when it comes to roaming users.
Anyhow, I personally think that by complete accident, Cisco discovered this anchoring feature could be used to provide guest access. After all, it is rather ingeneous. If you already have the ability to anchor a client to a specific controller, what happens when you anchor a client to a controller that is out in a DMZ? Secured guest access, thats what.
Basically, by anchoring a specific wlan to the DMZ controller, you've effectively locked your "guest" users out of your network why still using the trusted infrastructure.
The next step now is with wired guest access. As I mentioned in the previous post, you can create a "guest lan" and anchor it the dmz controller as well. It is the exact same concept, except the guest lan picks up traffic on a specific VLAN whereas wireless guest access picks up traffic from a specific wlan.
Saturday, August 2, 2008
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment