Network Security – VLANs and APs – Additional Securiy risks?

5 pts.
Tags:
Cisco Access Points
Cisco Routers and Cisco Switches
Cisco VLAN
Well, I've been kicking this around and thought I'd ask some experts out there. I'm planning on implementing some Wireless Access Points for guestemployee access. The APs will be connected to the core network on VLAN'd ports. I'm wondering about the security issues involved with this beyond the following assumptions;

  • Native VLAN active on core switches (Yes, most devices communicating on Native VLAN as well.)

  • AP guests are isolated from each other

  • AP uses AES encryption and strong password

  • AP and guests are on seperate subnet

  • Any internal access must be established through¬†IPSec VPN first

  • Unauthorized access attempts are monitored and alerted on

I've heard VLAN hopping is nearly obsolete these days assuming core switches (Cisco) are up to date on IOS. What are the security risks I'm missing here?

Even if someone manages to get a double tagged packet through, wouldn't the attacker have to know the core network subnet? Also, wouldn't the attacked be blind since there is no route back to the original VLAN? Any advice would be greatly appreciated.

 



Software/Hardware used:
Cisco Switches, Access Points

Answer Wiki

Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Discuss This Question:  

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following