Wireless is a pretty nice technology, set it up and go. Plus it beats wired devices, one hand down. A wired device has great speed and bandwidth, but there has to be a ethernet run for each computer that needs to be connected. With new wireless standards, the speed and bandwidth is now starting to rival that of wired devices.
From a users point of view, wireless means you're able to move around unconfined by wires. But from an administrators point of view, wireless means another device that needs to be setup. Setting up a wireless device is a small, relatively easy process, but when you are setting up a couple thousand devices it can become time consuming. When you have that many devices it also becomes hard to distinguish who is a legitimate user and who is not.
Enterprise Management
There are a couple of ways to make sure everyone that is attaching to the network is an authorized user. The easiest is mac authentication, but it is also the most time consuming. It works by the network engineer recording the mac address of all devices in the wireless system. Only the devices that are entered into the system will be able to attach. If an authenticated user brings another device in, it will not work. This is an OK method, but if you have a lot of turn-over it can be time consuming to keep it up to date.
Another method would be a radius server. A radius server is much like the mac address list mentioned earlier, except it contains a list of users that have the ability to have access. A radius server is good because the list is built off of another list like LDAP or AD. LDAP and AD is a sort of database of all users that have the ability to login to the network. Those user rights are just extended to the wireless devices. This keeps you from having to maintain multiple lists.
One nicety of having wireless authentication verified through AD is that all wireless profiles (setup) can be pushed out with a group policy. Meaning you never have to touch a computer to setup the wireless configuration. At least with a Microsoft Windows box.
No comments:
Post a Comment