A wireless LAN controller (WLC) is primarily used to handle client authentication and associations for large-scale wireless deployments. It acts as a centralized management appliance with the lightweight access points (LAPs) acting as the wireless interface to various clients. All management and data packets are tunneled from a lightweight access point to the WLC. Policy is enforced from the WLC onto the LAPs.
A WLC/NAC configuration could be effective for creating a secure conference room, especially in large wireless deployments. In such a scenario, the client would associate with a LAP and authenticate with the WLC. Once authentication was complete, the user traffic would go through the quarantine VLAN from the WLC to the NAC server. Then, after posture assessment was completed and any remediation (if required) was successful, the user VLAN would change from quarantine to access VLAN in the WLC, and the traffic would be allowed through the NAC (bypass).
Related Q&A from Anand Sastry, featured expert
While encrypting production servers may seem like a good security move, according to Anand Sastry, doing so may not be worth the resources it uses.continue reading
Transferring files from a DMZ to an internal FTP server can be risky. In this expert response, Anand Sastry explains how to use SFTP automation to ...continue reading
When setting up a site-to-site VPN, where should the VPN endpoint be in the DMZ? Learn more in this expert response.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.