I have bonded T1's that come into a location, which I resell to clients in my building. Currently, there is no firewall in place and we hand out IP address's through DHCP reservations. I have users that setup wireless routers instead of purchasing a connection. How can I prevent this from happening? Another problem is that one user may have Kazaa or a virus that will take the entire network down. Is there a bandwidth shaper or something I could purchase that could see all the MAC addresses of the clients behind the individual routers?
This is a common problem in shared tenant space. Some of this can be handled with your lease contracts. You can stipulate no wireless in the building or provide some controls. Your language should state how many addresses and what type of service that you will provide. Handing out addresses and supplying connections without a firewall is a risky business. I would suggest that you look into one of the new firewall appliances that will track all levels of attack and usage. They can do port level blocking for particular nasty attacks. They have ones now that incorporate all of the best products from several vendors in a single box. (Check 3Com – I Know they have one and there are also others). Packateer makes the best bandwidth manager that I have seen. You can control the amount of bandwidth to any user and do some shaping for data versus voice packets. Have you thought about adding VoIP services? This is also becoming quite popular, especially if your tenants are small remote offices or SME types. This saves them from buying a PBX.
If you have wireless connections that are using the Internet, who are they getting the router and connection from to the Internet? If you own the building you can restrict that as well, but it may be hard to do after the fact. It should have been covered in the lease.
This was last published in November 2004
Dig Deeper on Wireless LAN (WLAN)
Proper SBC configuration requires partnering with providers and security teams to examine circuits and potential traffic. Learn the best practices ...
Organizations need SIP services to connect and disconnect call sessions. Now some SIP services are offered through APIs, which expand the use cases ...
A few factors can indicate it's time to replace a business phone system. Learn when it may be time to switch and how to decide on a course of action.