Prevent other Devices to access Company WIFI
-
@scottalanmiller said:
@Joyfano said:
@scottalanmiller said:
What security do you have today? How are they getting on to your network?
I am using WPA/WPA2
Their computers are connected to network too.
It happen that there are computer with "local admin" enabled so that they can run some application required admin rights.What applications are requiring that? Are they really needed?
I think it has to do with HR tracking software
-
@scottalanmiller said:
@Joyfano said:
@scottalanmiller said:
What security do you have today? How are they getting on to your network?
I am using WPA/WPA2
Their computers are connected to network too.
It happen that there are computer with "local admin" enabled so that they can run some application required admin rights.What applications are requiring that? Are they really needed?
As you most certainly know, they probably don't need local admin rights, but the program was written poorly so we IT staff have to spend hours and hours finding what permissions need to be changed to allow the software to work. What's worse, even if you go through that trouble, often you can't get support from the vendor without granting full local admin rights.
-
I agree with a RADIUS server. You can get most consumer equipment to run dd-wrt, which has RADIUS support, and use that for a WAP if you want. That is only if your existing WAP doesn't natively support RADIUS.
-
Thank you for all of your suggestion. I guess i will change the password of Wifi on weekend and connect their computer while they are away...
-
@ajstringham said:
I agree with a RADIUS server. You can get most consumer equipment to run dd-wrt, which has RADIUS support, and use that for a WAP if you want. That is only if your existing WAP doesn't natively support RADIUS.
Thank you A.J and @nadnerB I will read and learn a bit about your suggestion.
-
Definitely avoid DDWRT in a business. That's a toy OS for hobbyists. Has no place in a business.
-
@scottalanmiller said:
Definitely avoid DDWRT in a business. That's a toy OS for hobbyists. Has no place in a business.
In an SMB, why not? It works and it's plenty solid. I'm not saying anything more than 20 users. Outside of that, why not?
-
Because it is a hobbyist OS and there are now many options that are not hobbyist versions that are in the same price point.
Another question to @scottalanmiller though, Now that ASUS is selling their medium/high end devices with DDWRT, does this change anything for you?
Not using DDWRT simply because it's hobbyists would mean not using LINUX many years ago.. and it might not be where it is today if not for its continued use outside the 'expected norm.'
-
@ajstringham said:
In an SMB, why not? It works and it's plenty solid. I'm not saying anything more than 20 users. Outside of that, why not?
SMBs don't have the money or time to blow resources on toys. Buying consumer gear and then putting a hobby OS onto it doesn't make sense. You will spend as much as you would for enterprise gear while throwing the support that you paid for out of the window. Doing embedded hobby stuff at home for fun is great. Doing it in a business of any size doesn't make sense. Just because a business is small doesn't mean that money can be wasted or stability isn't important.
Reverse the question, you can ask "why not" and the reasons against it are not that strong. It will work and it is cheap. But ask "why?" If you don't have solid business reasons why you would skip fully supported, enterprise equipment in a business, don't go putting modified consumer gear in.
Likewise, I would never, ever put the hardware that DDWRT runs on into a business without DDWRT either.
-
@Dashrender said:
Another question to @scottalanmiller though, Now that ASUS is selling their medium/high end devices with DDWRT, does this change anything for you?
Asus definitely changes the equation a little bit. DDWRT itself isn't too bad. It's a solid base. Asus adding some degree of support and better hardware changes things. But unless it is less than $89 significantly, I can't see it making sense compared to enterprise gear. Now that Vyatta is fully supported at that price, it blew away pretty much everything under $1,000 these days.
-
To the SMB market, ASUS has a bigger, better known name than Vyatta - which outside of here and SW I've never heard of.
-
@Dashrender said:
To the SMB market, ASUS has a bigger, better known name than Vyatta - which outside of here and SW I've never heard of.
I had heard of Vyatta years ago and tested it along side pfSense. I thought pfSense was easier to setup and configure, so I went that route. I liked Vyatta though I basically forgot about it after hearing it went private.
-
And now Vyatta is part of Brocade.
-
@Dashrender said:
And now Vyatta is part of Brocade.
That is not new. That is what I was referring to when I mentioned it went private.
Things like EdgeMax routers are forked off of one of the last public versions before it went private.
-
@Dashrender said:
To the SMB market, ASUS has a bigger, better known name than Vyatta - which outside of here and SW I've never heard of.
That's a seriously sad state of SMB IT. That's like SMBs knowing Linksys and not Cisco.
-
-
@Dashrender said:
Not using DDWRT simply because it's hobbyists would mean not using LINUX many years ago.. and it might not be where it is today if not for its continued use outside the 'expected norm.'
And using it in 1996 would have been crazy. There was clearly a time and their remain Distros that have no place in business.
-
@scottalanmiller said:
@Dashrender said:
To the SMB market, ASUS has a bigger, better known name than Vyatta - which outside of here and SW I've never heard of.
That's a seriously sad state of SMB IT. That's like SMBs knowing Linksys and not Cisco.
Those are Belkin now.
-
Yes they are. They just keep going downhill.
-
@scottalanmiller said:
Yes they are. They just keep going downhill.
Hey, the WRT54G is a staple of the networking industry. And every freaking revision supports dd-wrt. No complaints on a lot of their stuff. Their more recent Cisco Linksys stuff, as in the past two to three years, all sucked. Otherwise, it was solid.