NETWORK WORLD NEWSLETTER: RON NUTTER WITH ASK THE EXPERTS 09/22/04 Today's focus: Protecting a wireless net with RADIUS
Dear [EMAIL PROTECTED], In this issue: * Help Desk columnist Ron Nutter offers advice on protecting a ��wireless net with RADIUS * Links related to Ask the Experts * Featured reader resource _______________________________________________________________ This newsletter is sponsored by Fidelia Fidelia Network & Server Monitoring hits a spot Small, Medium or Large? Fidelia offers network and server monitoring for all size enterprises. Their easy to use web interface, and rich reports are setting a trend in the industry. Read more online at: http://www.fattail.com/redir/redirect.asp?CID=81317 _______________________________________________________________ DOWNLOAD THE LATEST SPECIAL REPORTS FROM NETWORK WORLD Focused reports on compelling industry topics, Network World Special Reports are available online at Network World Fusion. Network World Special Reports on Mobility, IP Telephony Security, the State of Wireless LANs and more are currently available. Download any or all of our Special Reports at: http://www.fattail.com/redir/redirect.asp?CID=81352 _______________________________________________________________ Today's focus: Protecting a wireless net with RADIUS By Ron Nutter We are getting ready to double our use of wireless networking at our company. There is a concern that we make it as easy to use as possible but at the same time protect the company network as much as possible. We are putting all access points on a separate VLAN but don't think that is enough. In doing some research, we have found mentions of using RADIUS. Is that something we should look at? -- Via the Internet Yes, Yes, Yes. RADIUS can add one more layer of protection to the network and make it a little harder for someone to get in. There are several ways to do it, depending on what sort of operating systems you have on your network. If you are a Microsoft shop, you can use Internet Authentication Server ( <http://www.nwfusion.com/nlgrease645> ) to help you do this. What you will need to look at is your domain setup. If you have more than one domain at your company, you will probably need to look at multiple IAS installs with a IAS proxy to point the access points to. If you are on W2K, this is going to present a challenge since W2K doesnt support RADIUS Proxy. This means you will need to look at Windows 2003, which does. If you are comfortable with Linux, there are several good RADIUS packages. One that I have seen mentioned more frequently is FreeRADIUS ( <http://www.freeradius.org/> ). This is a very flexible RADIUS implementation that should be able to do what you want. It can handle multiple domains on its own. In June, 2004 ( <http://www.samag.com/articles/2004/0406/> ), SysAdmin Magazine ran a good article on implementing FreeRADIUS; unfortunately, it is not online. O'Reilly's RADIUS book ( <http://www.nwfusion.com/nlgrease646> ) discusses implementing FreeRADIUS as well. With either of these options, you will have to touch the wireless computers in terms of putting digital certificates on them and keeping them up to date. One positive advantage I have seen with these solutions is that the wireless access points become harder to find. I keep an iPAQ handy with miniStumbler ( <http://www.stumbler.net/> ) installed. When working with the Microsoft solution, NetStumbler didnt report that it saw the access point that was configured to work with RADIUS. I expect the FreeRADIUS application to perform in the same way. _______________________________________________________________ To contact: Ron Nutter Ron Nutter, a Master Certified Novell Engineer and Microsoft Certified Systems Engineer in the Lexington, Ky., area, tracks down the answers to your questions. Send your questions to <mailto:[EMAIL PROTECTED]>. _______________________________________________________________ This newsletter is sponsored by Fidelia Fidelia Network & Server Monitoring hits a spot Small, Medium or Large? Fidelia offers network and server monitoring for all size enterprises. Their easy to use web interface, and rich reports are setting a trend in the industry. Read more online at: http://www.fattail.com/redir/redirect.asp?CID=81316 _______________________________________________________________ ARCHIVE LINKS Dr. Internet archive: http://www.nwfusion.com/columnists/blass.html Nutter's Help Desk archive: http://www.nwfusion.com/columnists/nutter.html _______________________________________________________________ FEATURED READER RESOURCE ACCESS NW'S IN-DEPTH REPORT ON: BLADE SERVERS Available now is Network World's Technology Insider on: Blade Servers. Find out why early adopters of blade server technology say the benefits aren't science fiction, how blade servers differ by vendor, why blade servers are perfectly suited for today's data centers, review our extensive blade server buyer's guide and more. Click here: <http://www.nwfusion.com/nlgrease611> _______________________________________________________________ May We Send You a Free Print Subscription? You've got the technology snapshot of your choice delivered at your fingertips each day. Now, extend your knowledge by receiving 51 FREE issues to our print publication. Apply today at http://www.subscribenw.com/nl2 International subscribers click here: http://nww1.com/go/circ_promo.html _______________________________________________________________ SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World e-mail newsletters, go to: <http://www.nwwsubscribe.com/Changes.aspx> To unsubscribe from promotional e-mail go to: <http://www.nwwsubscribe.com/Preferences.aspx> To change your e-mail address, go to: <http://www.nwwsubscribe.com/ChangeMail.aspx> Subscription questions? Contact Customer Service by replying to this message. This message was sent to: [EMAIL PROTECTED] Please use this address when modifying your subscription. _______________________________________________________________ Have editorial comments? Write Jeff Caruso, Newsletter Editor, at: <mailto:[EMAIL PROTECTED]> Inquiries to: NL Customer Service, Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 For advertising information, write Kevin Normandeau, V.P. of Online Development, at: <mailto:[EMAIL PROTECTED]> Copyright Network World, Inc., 2004 ------------------------ This message was sent to: [EMAIL PROTECTED]
