looking for some suggestions on improving wireless security through restricting what devices can connect. I have been told about MAC lists, certificates, ACLs and a number of other things. Environment is a 5508 WLC at a central site with mostly 1142 and 1262 LWAPs at various remote sites. 2-3 SSIDs at each site and all SSIDs are the same across all sites to make it easy for users when visiting other sites.
Thanks in advance! All replies rated.
P.S. I misspelled "visiting" and the spell check here suggested "fisting" as a suitable replacement. ha.
It depends on what you really want to accomplish. For example, if you have a radius server and active directory and all the computers are domain computers, you can use machine authentication to only allow domain computers access to the network. Other ways is to use PEAP with AD user credentials or use of certificates on the clients side. All of this is 802.1x with different flavors. 802.1x requires a radius server and a certificate on the radius.
Another way to go is Cisco ISE which can profile devices and you can then decide what devices can access the network. Without really knowing what you have and what you want done, its hard to say what you can do:)
Help out other by using the rating system and marking answered questions as "Answered"