802.1x vs. VPN
Relying upon WEP for link layer encryption is not the best idea in the world. Sure, it might be okay for a very small environment if you have no other options and you manually change keys on a regular basis. However, for enterprise deployments, you should not rely upon WEP alone (especially with static keys that never change).
As we have seen in Chapter 6, 802.1x offers a number of advantages over WEP alone, which allows us to rely on link layer encryption. For example, when using 802.1x and PEAP, it would be acceptable to place our APs on our internal network, because we are relying upon 802.1x authentication (against a back-end RADIUS server) and dynamic key rotation to provide our security. There is, however, an important distinction ...
Get How Secure Is Your Wireless Network? Safeguarding Your Wi-Fi LAN now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
