You might want to think about using a second set of WLCs as anchor controllers if the same APs are being used for Internal networks.
On Tue, Oct 22, 2013 at 7:50 AM, Roger Wiklund <roger.wikl...@gmail.com>wrote: > Hi. > > I'm setting up a wireless guest network with dual stack. > My concern is security, I want to protect the network as much as possible. > > My exp. with Cisco WLC is rather limited, but it looks like most of the > security features are enabled out of the box. > > - Dynamic ARP Inspection > - DHCP Snooping > - RA Guard > - All kinds of flooding types using the standard signatures blocking. > - IP Theft/IP Reuse > > Besides that I've enabled: > > - Peer to peer blocking > - DHCP Addr assigment required > - Basic ACLs > > Is there anything else that I might have missed/overlooked? > > Also, if I disable DHCP Proxy mode, does that mean I'm vulnerable to DHCP > starvation attacks, rouge DHCP server etc? The documentation is not very > clear on that. > > Thanks! > > /Roger > _______________________________________________ > cisco-nsp mailing list cisco-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ > _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/