Ask the Expert

How to create a secure conference room with a WLC/NAC configuration

I need to set up conference rooms that will be used by both corporate and foreign or guest devices. I would like to use wired and wireless for flexibility and video conferencing. NAC seems like a no-brainer, but I am curious if I should look into a wireless LAN controller device of some sort, too? Would a NAC do the same thing as a WLC in this scenario?

    Requires Free Membership to View

A wireless LAN controller (WLC) is primarily used to handle client authentication and associations for large-scale wireless deployments. It acts as a centralized management appliance with the lightweight access points (LAPs) acting as the wireless interface to various clients. All management and data packets are tunneled from a lightweight access point to the WLC. Policy is enforced from the WLC onto the LAPs.

A WLC/NAC configuration could be effective for creating a secure conference room, especially in large wireless deployments. In such a scenario, the client would associate with a LAP and authenticate with the WLC. Once authentication was complete, the user traffic would go through the quarantine VLAN from the WLC to the NAC server. Then, after posture assessment was completed and any remediation (if required) was successful, the user VLAN would change from quarantine to access VLAN in the WLC, and the traffic would be allowed through the NAC (bypass).

This was first published in February 2011

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: