Unrouted Wireless Network setup
-
@WrCombs said in Unrouted Wireless Network setup:
The AP's are typically locked down by MAC address or IP filtering,
That's not really locked down. That's classified as "no security" because anyone can just sniff the working MACs and use them. To someone honestly trying to get in, it's like having a screen door in front of your main door, with no lock on the screen. Even a good wind will open it.
-
@WrCombs said in Unrouted Wireless Network setup:
What do you mean "management" ? like are we updating firmware/aps?
That, but also watch for bad traffic or deal with networking issues. How can you tell which AP is doing what it should if you cant look at them?
-
@WrCombs said in Unrouted Wireless Network setup:
My customer asked me to look into what will be needed, and here i am, trying to give my customer the best answer as to what it will take for their system to be able to run tablets.
That's what I'm trying to answer. I think that they should step back and consider the need for PCI, security, and management. It'll lower costs while providing better results.
-
@scottalanmiller said in Unrouted Wireless Network setup:
@WrCombs said in Unrouted Wireless Network setup:
What do you mean "management" ? like are we updating firmware/aps?
That, but also watch for bad traffic or deal with networking issues. How can you tell which AP is doing what it should if you cant look at them?
The AP's working/security/management is on whoever the customer decides they want to bring in to set up their network to add the tablets.
-
@WrCombs said in Unrouted Wireless Network setup:
@scottalanmiller said in Unrouted Wireless Network setup:
@WrCombs said in Unrouted Wireless Network setup:
What do you mean "management" ? like are we updating firmware/aps?
That, but also watch for bad traffic or deal with networking issues. How can you tell which AP is doing what it should if you cant look at them?
The AP's working/security/management is on whoever the customer decides they want to bring in to set up their network to add the tablets.
Okay, but that'll make for one hefty contract because they'll need them to engineer solutions for security in that environment. It's doable, but not something you'd ever expect a hospitality business to be willing (or able) to afford. Because this means taking something that is simple and almost free to be secure normally, and making it into something extremely complex and niche.
I'm not saying it can't be done. I'm saying that it's not reasonable for situation and it's a total guarantee that once they realize what it takes, will refuse to do it. Dollars to donuts not one restaurant, bar, or hotel in America does this today.
-
@scottalanmiller said in Unrouted Wireless Network setup:
@WrCombs said in Unrouted Wireless Network setup:
Or, Upgrade their switch entirely to a bigger switch, with more ports to add the AP's to it directly without the need to jumper the 2 switches together.
This mostly depends on traffic patterns and budget. Adding a switch is cheaper, but slower, than replacing with a bigger switch. But rarely does it matter.
how is it slower? because you have to configure it? You'd have to configure a replacement switch too, so I would think it would be a wash.
-
@Dashrender said in Unrouted Wireless Network setup:
@scottalanmiller said in Unrouted Wireless Network setup:
@WrCombs said in Unrouted Wireless Network setup:
Or, Upgrade their switch entirely to a bigger switch, with more ports to add the AP's to it directly without the need to jumper the 2 switches together.
This mostly depends on traffic patterns and budget. Adding a switch is cheaper, but slower, than replacing with a bigger switch. But rarely does it matter.
how is it slower? because you have to configure it? You'd have to configure a replacement switch too, so I would think it would be a wash.
No, slower because it introduces additional bottlenecks.
-
@WrCombs said in Unrouted Wireless Network setup:
My customer asked me to look into what will be needed, and here i am, trying to give my customer the best answer as to what it will take for their system to be able to run tablets.
It sounds like you're doing something your company specifically does NOT want you doing - anything to do with networking. You shouldn't be giving them any answer, since some other company handles all of the networking. If you engineer it wrong, you'll be blamed, but if you do it right, you have no benefit - and don't say he'll like you more because of it, because the bar owner shouldn't give two shits about you - he only cares about function and cost of your solution, and will bail on you in a second if a better solution comes along.
-
@scottalanmiller said in Unrouted Wireless Network setup:
@Dashrender said in Unrouted Wireless Network setup:
@scottalanmiller said in Unrouted Wireless Network setup:
@WrCombs said in Unrouted Wireless Network setup:
Or, Upgrade their switch entirely to a bigger switch, with more ports to add the AP's to it directly without the need to jumper the 2 switches together.
This mostly depends on traffic patterns and budget. Adding a switch is cheaper, but slower, than replacing with a bigger switch. But rarely does it matter.
how is it slower? because you have to configure it? You'd have to configure a replacement switch too, so I would think it would be a wash.
No, slower because it introduces additional bottlenecks.
Ok, that's true, but likely not a real issue in this situation.
-
@Dashrender said in Unrouted Wireless Network setup:
@WrCombs said in Unrouted Wireless Network setup:
My customer asked me to look into what will be needed, and here i am, trying to give my customer the best answer as to what it will take for their system to be able to run tablets.
It sounds like you're doing something your company specifically does NOT want you doing - anything to do with networking. You shouldn't be giving them any answer, since some other company handles all of the networking. If you engineer it wrong, you'll be blamed, but if you do it right, you have no benefit - and don't say he'll like you more because of it, because the bar owner shouldn't give two shits about you - he only cares about function and cost of your solution, and will bail on you in a second if a better solution comes along.
This is for the sake of learning to think like i'm in an IT job, atleast that was the goal.
My answer to them was "that will be on the company you pick to do the AP's"
I just didn't put that part in, and now I'm being told more and more about how I don't know shit. -
@WrCombs said in Unrouted Wireless Network setup:
My answer to them was "that will be on the company you pick to do the AP's"
That's a fair answer. But they should bring in PCI advisors before they make networking decisions, not bring in PCI "fixers" after it's a problem. It'll be more secure, and vastly cheaper.
-
@scottalanmiller said in Unrouted Wireless Network setup:
@WrCombs said in Unrouted Wireless Network setup:
My customer asked me to look into what will be needed, and here i am, trying to give my customer the best answer as to what it will take for their system to be able to run tablets.
That's what I'm trying to answer. I think that they should step back and consider the need for PCI, security, and management. It'll lower costs while providing better results.
I can't believe you're only now after 6+ months of seeing him post about how they set things up
https://i.imgur.com/LslreWp.png
The company he works for believes that because the terminals can't access the internet, that they are safe, hell they might even think they are providing a PCI compliant environment, but of course, you and I both know they are not, in either case.
-
@Dashrender said in Unrouted Wireless Network setup:
@scottalanmiller said in Unrouted Wireless Network setup:
@WrCombs said in Unrouted Wireless Network setup:
My customer asked me to look into what will be needed, and here i am, trying to give my customer the best answer as to what it will take for their system to be able to run tablets.
That's what I'm trying to answer. I think that they should step back and consider the need for PCI, security, and management. It'll lower costs while providing better results.
I can't believe you're only now after 6+ months of seeing him post about how they set things up
https://i.imgur.com/LslreWp.png
The company he works for believes that because the terminals can't access the internet, that they are safe, hell they might even think they are providing a PCI compliant environment, but of course, you and I both know they are not, in either case.
FYI... the PCI docs cover that specifically in page 13 that if the terminals talk to a server, they have to be patched. They actually address that imagined scenario to dispute it ahead of time.
-
@WrCombs said in Unrouted Wireless Network setup:
@Dashrender said in Unrouted Wireless Network setup:
@WrCombs said in Unrouted Wireless Network setup:
My customer asked me to look into what will be needed, and here i am, trying to give my customer the best answer as to what it will take for their system to be able to run tablets.
It sounds like you're doing something your company specifically does NOT want you doing - anything to do with networking. You shouldn't be giving them any answer, since some other company handles all of the networking. If you engineer it wrong, you'll be blamed, but if you do it right, you have no benefit - and don't say he'll like you more because of it, because the bar owner shouldn't give two shits about you - he only cares about function and cost of your solution, and will bail on you in a second if a better solution comes along.
This is for the sake of learning to think like i'm in an IT job, atleast that was the goal.
My answer to them was "that will be on the company you pick to do the AP's"
I just didn't put that part in, and now I'm being told more and more about how I don't know shit.Well, sorry, that wasn't my purpose. And leaving that out would have majorly changed any and all answers.
i.e. we would have answered your question more directly. -
@scottalanmiller said in Unrouted Wireless Network setup:
@Dashrender said in Unrouted Wireless Network setup:
@scottalanmiller said in Unrouted Wireless Network setup:
@WrCombs said in Unrouted Wireless Network setup:
My customer asked me to look into what will be needed, and here i am, trying to give my customer the best answer as to what it will take for their system to be able to run tablets.
That's what I'm trying to answer. I think that they should step back and consider the need for PCI, security, and management. It'll lower costs while providing better results.
I can't believe you're only now after 6+ months of seeing him post about how they set things up
https://i.imgur.com/LslreWp.png
The company he works for believes that because the terminals can't access the internet, that they are safe, hell they might even think they are providing a PCI compliant environment, but of course, you and I both know they are not, in either case.
FYI... the PCI docs cover that specifically in page 13 that if the terminals talk to a server, they have to be patched. They actually address that imagined scenario to dispute it ahead of time.
Who's responsible for the PCI compliance? the vendor who sells AND maintains the support contract, or the client who buys it?
-
@Dashrender said in Unrouted Wireless Network setup:
@scottalanmiller said in Unrouted Wireless Network setup:
@Dashrender said in Unrouted Wireless Network setup:
@scottalanmiller said in Unrouted Wireless Network setup:
@WrCombs said in Unrouted Wireless Network setup:
My customer asked me to look into what will be needed, and here i am, trying to give my customer the best answer as to what it will take for their system to be able to run tablets.
That's what I'm trying to answer. I think that they should step back and consider the need for PCI, security, and management. It'll lower costs while providing better results.
I can't believe you're only now after 6+ months of seeing him post about how they set things up
https://i.imgur.com/LslreWp.png
The company he works for believes that because the terminals can't access the internet, that they are safe, hell they might even think they are providing a PCI compliant environment, but of course, you and I both know they are not, in either case.
FYI... the PCI docs cover that specifically in page 13 that if the terminals talk to a server, they have to be patched. They actually address that imagined scenario to dispute it ahead of time.
Who's responsible for the PCI compliance? the vendor who sells AND maintains the support contract, or the client who buys it?
Client who buys it unless they buy an indemnification contract. This is 100% a situation where caveat emptor... the vendor can claim anything that they want and all risks fall to the company that buys the system, they are ultimately on the hook for all compliance.
-
@scottalanmiller said in Unrouted Wireless Network setup:
@Dashrender said in Unrouted Wireless Network setup:
@scottalanmiller said in Unrouted Wireless Network setup:
@Dashrender said in Unrouted Wireless Network setup:
@scottalanmiller said in Unrouted Wireless Network setup:
@WrCombs said in Unrouted Wireless Network setup:
My customer asked me to look into what will be needed, and here i am, trying to give my customer the best answer as to what it will take for their system to be able to run tablets.
That's what I'm trying to answer. I think that they should step back and consider the need for PCI, security, and management. It'll lower costs while providing better results.
I can't believe you're only now after 6+ months of seeing him post about how they set things up
https://i.imgur.com/LslreWp.png
The company he works for believes that because the terminals can't access the internet, that they are safe, hell they might even think they are providing a PCI compliant environment, but of course, you and I both know they are not, in either case.
FYI... the PCI docs cover that specifically in page 13 that if the terminals talk to a server, they have to be patched. They actually address that imagined scenario to dispute it ahead of time.
Who's responsible for the PCI compliance? the vendor who sells AND maintains the support contract, or the client who buys it?
Client who buys it unless they buy an indemnification contract. This is 100% a situation where caveat emptor... the vendor can claim anything that they want and all risks fall to the company that buys the system, they are ultimately on the hook for all compliance.
Well, then we completely know why his company is doing this, or at least we can make a pretty good assumption.
-
Forgetting the PCI stuff for a second, will the tablet even connect with / play nice with a wireless that doesn't have internet access? I can't speak to W10 but recent experience with Android and Apple has them refusing to use the wireless unless it can do a connectivity check out to 8.8.8.8 or another reliable resource.
-
@notverypunny said in Unrouted Wireless Network setup:
Forgetting the PCI stuff for a second, will the tablet even connect with / play nice with a wireless that doesn't have internet access? I can't speak to W10 but recent experience with Android and Apple has them refusing to use the wireless unless it can do a connectivity check out to 8.8.8.8 or another reliable resource.
We can put PCI on the back burner for a while.
We have multiple sites using Tablets.
some are VLANs, while others are completely unrouted, and they work just fine, I even did the AP setup for one site in particular.Could it be because the tablets are a full version of the OS?
I can't speak for Andriod or IOS Kernels, but At least with the Windows 10 Tablets (from my understanding, correct me if I'm wrong..) it's the same OS as if I installed it on a Desktop with a monitor and a mouse. Just the hardware is smaller, and more compacted. I'm sure there's some degree that it's different, because Tablets memory and Storage is no where close to a Desktop PC. but it the OS runs the exact same. -
@WrCombs said in Unrouted Wireless Network setup:
@notverypunny said in Unrouted Wireless Network setup:
Forgetting the PCI stuff for a second, will the tablet even connect with / play nice with a wireless that doesn't have internet access? I can't speak to W10 but recent experience with Android and Apple has them refusing to use the wireless unless it can do a connectivity check out to 8.8.8.8 or another reliable resource.
We can put PCI on the back burner for a while.
We have multiple sites using Tablets.
some are VLANs, while others are completely unrouted, and they work just fine, I even did the AP setup for one site in particular.Could it be because the tablets are a full version of the OS?
I can't speak for Andriod or IOS Kernels, but At least with the Windows 10 Tablets (from my understanding, correct me if I'm wrong..) it's the same OS as if I installed it on a Desktop with a monitor and a mouse. Just the hardware is smaller, and more compacted. I'm sure there's some degree that it's different, because Tablets memory and Storage is no where close to a Desktop PC. but it the OS runs the exact same.You are correct, Windows on x64/x86 is the same regardless of hardware.
