Microsoft Secure Wireless

Discussion in 'Wireless Networking' started by HelpPls, Jun 24, 2004.

  1. HelpPls

    HelpPls Guest

    I am building a test domain around the published Microsoft Step-by-step
    guide for setting up a secure Wireless Access in a Test Lab. I am building
    a DC, IAS, IIS etc..from scratch and what ever happens to those test
    machines, who cares. My concern is that we currently do not use CA in our
    production environment and am not sure how to take this "test" into a live
    production without affecting the environment if something goes bad. Has
    anyone implemented this guide into a production environment? Any words of
    wisdom?

    Thanks - Sean
     
    HelpPls, Jun 24, 2004
    #1
    1. Advertising

  2. HelpPls

    S. Pidgorny Guest

    Yes, we have done that. Most concerns are around the enterprise CA and
    correct procedures for key management and enterprise trust. On a positive
    side, you get a lot more than just secure wireless - the PKI infrastructure
    is highly reusable for Intranet security, strong authentication, secure
    mail, you name it:

    www.microsoft.com/pki

    Other thatn that, the guidelines are directly applicable to production. Any
    particular questions?

    --
    Svyatoslav Pidgorny, MVP, MCSE
    -= F1 is the key =-

    "HelpPls" <> wrote in message
    news:...
    > I am building a test domain around the published Microsoft Step-by-step
    > guide for setting up a secure Wireless Access in a Test Lab. I am

    building
    > a DC, IAS, IIS etc..from scratch and what ever happens to those test
    > machines, who cares. My concern is that we currently do not use CA in our
    > production environment and am not sure how to take this "test" into a live
    > production without affecting the environment if something goes bad. Has
    > anyone implemented this guide into a production environment? Any words of
    > wisdom?
    >
    > Thanks - Sean
    >
    >
     
    S. Pidgorny, Jun 29, 2004
    #2
    1. Advertising

  3. HelpPls

    HelpPls Guest

    Thank you for the link, I will read that this weekend but in the mean time,
    I do have a few additional questions.

    What Access Point did you guys choose to go with?
    Does the CA have to be installed on a DC?
    Can the CA/IAS/IIS all be installed on 1 machine?
    Can I use the above in conjunction with OWA or to secure my ISA 2000 VPN
    (PPTP) etc...

    Most importantly, can a CA/IAS be removed from safely from domain? And how
    are clients affected if the CA goes down?

    Thanks -

    Sean



    "S. Pidgorny <MVP>" <> wrote in message
    news:...
    > Yes, we have done that. Most concerns are around the enterprise CA and
    > correct procedures for key management and enterprise trust. On a positive
    > side, you get a lot more than just secure wireless - the PKI

    infrastructure
    > is highly reusable for Intranet security, strong authentication, secure
    > mail, you name it:
    >
    > www.microsoft.com/pki
    >
    > Other thatn that, the guidelines are directly applicable to production.

    Any
    > particular questions?
    >
    > --
    > Svyatoslav Pidgorny, MVP, MCSE
    > -= F1 is the key =-
    >
    > "HelpPls" <> wrote in message
    > news:...
    > > I am building a test domain around the published Microsoft Step-by-step
    > > guide for setting up a secure Wireless Access in a Test Lab. I am

    > building
    > > a DC, IAS, IIS etc..from scratch and what ever happens to those test
    > > machines, who cares. My concern is that we currently do not use CA in

    our
    > > production environment and am not sure how to take this "test" into a

    live
    > > production without affecting the environment if something goes bad. Has
    > > anyone implemented this guide into a production environment? Any words

    of
    > > wisdom?
    > >
    > > Thanks - Sean
    > >
    > >

    >
    >
     
    HelpPls, Jul 1, 2004
    #3
  4. HelpPls

    S. Pidgorny Guest

    Inline:

    "HelpPls" <> wrote in message
    news:OMG#...
    > Thank you for the link, I will read that this weekend but in the mean

    time,
    > I do have a few additional questions.
    >
    > What Access Point did you guys choose to go with?


    Cisco 1100/1200 with the latest IOS updates.

    > Does the CA have to be installed on a DC?


    Nope.

    > Can the CA/IAS/IIS all be installed on 1 machine?


    Could be.

    > Can I use the above in conjunction with OWA or to secure my ISA 2000 VPN
    > (PPTP) etc...


    I would suspect so. It's perfectly valid SBS scenario.

    >
    > Most importantly, can a CA/IAS be removed from safely from domain? And

    how
    > are clients affected if the CA goes down?


    The CA going down doesn't affect the clients at all. They don't even check
    the IAS certificate expiration (because they don't have connection at the
    time of the cert verification)


    --
    Svyatoslav Pidgorny, MVP, MCSE
    -= F1 is the key =-
     
    S. Pidgorny, Jul 14, 2004
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. KerplunKuK

    Secure and non secure warnings

    KerplunKuK, Aug 24, 2004, in forum: Computer Support
    Replies:
    8
    Views:
    556
    Blinky the Shark
    Aug 24, 2004
  2. Miss Mary
    Replies:
    1
    Views:
    1,461
    sean.archer
    Sep 21, 2007
  3. Replies:
    0
    Views:
    600
  4. Replies:
    0
    Views:
    695
  5. cade

    Secure Auditor secure your windows

    cade, Apr 28, 2008, in forum: Computer Security
    Replies:
    0
    Views:
    504
Loading...

Share This Page