Question: I'm an owner of a retail business. We have DSL installed for our point-of-sale network which includes processing credit card transactions. Our provider (AT&T) included a wifi access point with WEP enabled, but that's for our internal use. I want to be able to offer free WiFi to our customers but I'm afraid that will expose our POS network to a security risk.
Is it possible to add another wifi access point for public use and still allow me to be able to sleep at night?
Answer: It is completely possible to run another WiFi network that is separate from your existing architecture. The most commonly deployed WiFi radio technology, WiFi-B/G, uses 3 non-overlapping channels, so you may co-locate 3 WiFi networks simultaneously without interference.
The important security aspect to be aware of is that if you only have a single connection to the internet, and it is currently used for Point-of-Sale services, you must be careful to restrict access. This can be easily done with access lists (ACLs) or other network control mechanisms (firewalls) commonly found in network routers. (Our recommendation is the DLink 655.)
As long as we're on the subject of security, WEP is no longer a secure mechanism for wireless network encryption. Due to a design flaw, WEP encryption can be easily broken in about 10 minutes if a wireless network is being accessed. The replacement, WPA encryption, is a vastly superior scheme. Any access point that is capable of WEP should be capable (sometimes with a firmware update) of running WPA.
The bottom line: while you can and should enable several security features on your network, anything you broadcast over the air can be intercepted and could potentially be used to compromise your network. In the above case, you are already exposing your network to the public, so before you add another access point to offer free WiFi, make sure your current design is as secure as possible, e.g., replace WEP with WPA.
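The access-list restriction described in the answer can be checked before it is deployed. The following is an added example, not part of the original answer: it models a first-match ACL and audits it against the segmentation goals (guests never reach the POS LAN, both networks still reach the internet). The subnets, addresses and rule layout are constructed assumptions, and real router syntax will differ.

```python
from ipaddress import ip_address, ip_network

# Constructed addressing plan (assumption, not from the original page).
POS_NET = ip_network("192.168.10.0/24")    # point-of-sale LAN
GUEST_NET = ip_network("192.168.20.0/24")  # public WiFi LAN
ANY = ip_network("0.0.0.0/0")

# Each rule: (action, source network, destination network). First match wins.
SEGMENTED_ACL = [
    ("deny", GUEST_NET, POS_NET),   # guests may never reach the POS LAN
    ("deny", POS_NET, GUEST_NET),   # and POS hosts never talk to guests
    ("permit", GUEST_NET, ANY),     # guests may reach the internet
    ("permit", POS_NET, ANY),       # POS may reach its card processor
]

# Same rules, wrong order: the broad permit shadows the deny below it.
MISORDERED_ACL = [
    ("permit", GUEST_NET, ANY),
    ("deny", GUEST_NET, POS_NET),
    ("deny", POS_NET, GUEST_NET),
    ("permit", POS_NET, ANY),
]

def evaluate(acl, src, dst):
    """Return the action of the first rule matching src -> dst (default deny)."""
    s, d = ip_address(src), ip_address(dst)
    for action, src_net, dst_net in acl:
        if s in src_net and d in dst_net:
            return action
    return "deny"  # implicit deny when nothing matches

def audit(acl):
    """Return the list of segmentation requirements the ACL violates."""
    checks = [
        ("guest -> POS blocked", "192.168.20.50", "192.168.10.5", "deny"),
        ("POS -> guest blocked", "192.168.10.5", "192.168.20.50", "deny"),
        ("guest -> internet allowed", "192.168.20.50", "203.0.113.10", "permit"),
        ("POS -> internet allowed", "192.168.10.5", "203.0.113.10", "permit"),
        ("unknown source blocked", "10.9.9.9", "192.168.10.5", "deny"),
    ]
    return [name for name, src, dst, want in checks
            if evaluate(acl, src, dst) != want]

if __name__ == "__main__":
    print("segmented :", audit(SEGMENTED_ACL) or "all checks pass")
    print("misordered:", audit(MISORDERED_ACL))
```

The misordered list contains the same four rules, yet the audit flags it because the guest permit is evaluated before the deny that was meant to protect the POS LAN.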