wireless/remote access (was: what are your country`s requirements for privacy in schools?)
Am Friday 22 October 2004 00:12 schrieb Ben Higginbottom:
> Teaching the staff about good security practises such as alphanumeric
> passwords that are changed regularly and are never written down, coupled
> with levels of network, server side security and human monitoring will
> give you better security than a magic bullet solution.
Yep, sure. My comment was mostly about the wireless network access. What
client devices did you have in mind?
For equipment that does not belong to (is administered by) the own
organisation the plan for my network so far is to only allow certain services
like a restricted https server for example.
Own wireless equipment (laptops or remote routers) would be configured to use
the vpn to get full access to the rest of the (wired) infrastructure. So
users can log-in at a wireless laptop or remote building's lan the same way
they do on wired workstations. They authenticate themselves to the auth
server or optionally (off site and/or not connected to the net) localy.
I think MAC checks could be a good additional way in trying to detect
inconsistencies in the local net.
Regards,
Christian
Reply to: