Just looking for some ideas on how best to set up a wireless network to suit our needs. We have corporate SSID which uses 802.1x (machine certificates) to authenticate, but we also have a requirement that staff need to have their corporate iphones on same network as their laptops at certain points. Currently we have a seperate SSID which is mapped to different VLAN which is authenticated using PSK. This VLAN then only allows reachability between their corp mobile/laptop and the internet (cant reach corp resources).
Im in the middle of rolling out ISE so that we can have a full on guest network with sponsor signup etc, but its got me thinking about the way we currently allow BYOD's onto the network.
Is there a better way of doing things than we currently are?
No comments:
Post a Comment