I'm running WPA ,Radias and TPK.

Just cut over last fall from WEP, as it's been crack wide open for some time now. And even spoofing MAC's is no big deal anymore either.

Server 2003's built in Authentication sevices make changing keys on all our laptops and access points totally obsolite.

Just add/remove wireless users to the wireless groups ACE's, and your done, serverside. Client side setup the driver grab a fresh certificate and your done.

We could run with the AES if more the clients Wifi interfaces drivers supported it but few do yet at this point.

Overall it's a very nice slick, seemless, secure system, from M$ even, for once....

IMHO.....

I'm running WPA ,Radias and TPK.

Just cut over last fall from WEP, as it's been crack wide open for some time now. And even spoofing MAC's is no big deal anymore either.

Server 2003's built in Authentication sevices make changing keys on all our laptops and access points totally obsolite.

Just add/remove wireless users to the wireless groups ACE's, and your done, serverside. Client side setup the driver grab a fresh certificate and your done.

We could run with the AES if more the clients Wifi interfaces drivers supported it but few do yet at this point.

Overall it's a very nice slick, seemless, secure system, from M$ even, for once....

IMHO.....

if you are running that at home

you need to change your name to

ubernerd :)

Nope I'm running AES not TPK on the WAS server at home off one of the main OC3 interfaces.

The other 2 interfaces I leave wide open with SSIDs of "opensoBnice" and "Free4All" on 200 mw SMC AP's with ext Antenna. I can pull it in a good 3 blocks away on a Cantanta.

if you are running that at home

you need to change your name to

ubernerd :)

Ubernerd it is! J/K We all have things we do for work, or fun, and we tend to be good at them.

Nope I'm running AES not TPK on the WAS server at home off one of the main OC3 interfaces.

The other 2 interfaces I leave wide open with SSIDs of "opensoBnice" and "Free4All" on 200 mw SMC AP's with ext Antenna. I can pull it in a good 3 blocks away on a Cantanta.
a partial oc3 at your house?

tell me your lying

i could run a radius server and keyswap frequently, if I thought there was a need, the other 40 or so wireless people in range of my halo are much less secure as is and likely a quicker choice than my system. That and MS is considerably easier to hack than my "hardened" linux system. Not impossible granted but very unlikely.

As for the ubernerd thing, I no longer fit that description ;) The rest of you, definately!

a partial oc3 at your house?

tell me your lying


j/k.......

Wanted to see if anyone would pick that one up, you did so you win!

No OC3 here or Radius at home, I just not quite THAT Nerddy.............. yet.

I just did design, setup and maintain a entire WPA/WAS/Radius system for my employer here recently.

I'm with Mike on why run WPA at home when over 1/2 of the residential WiFi networks don't run any keys at all?

Unless your paranoid and or don't know how to secure your own box down, WPA is pretty much security overkill.

For a business that could become a target, it's a critical "must do" upgrade....IMHO

lets measure the e-size of them now!!!