With the release of firmware 11.10T, Cisco has made a number of security enhancements to its APs. I've read the SCG, and understand what it is that these enhancements are doing.
But in actuality, what is the net effect of implementing these new features? By using Enhanced MIC verification for WEP, and the Temporal Key Integrity Protocol, what do I gain? How secure do these features make a non-LEAP or EAP WLAN? Can enterprises now deploy secure WLANs without spending $6K+ on an ACS box?
Cisco's current LEAP solution, while very robust, is also extremely expensive for a small business, and makes no economic sense for small deployments (what about my house? Don't I deserve a secure WLAN connection?).
Suggestion: Cisco should offer a very watered-down version of the ACS that could fit on an AP, and only perform WLAN authentications. Most of my customers don't require the whole feature set of the ACS, and are only looking to secure their wireless networks. This software should be a free download (how's that for a dramatic statement?)
Along the same lines you asked, I'm wondering about the relative improvement / resistance to hacking that MIC+TKIP provide. Does it just stretch the hack time from 1 day to 2? And how would that compare to using IPSEC 3DES client on the PC and an IPSEC gateway between the access points and the rest of the company network?
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...