Broadcasting SSIDs
Last Post: May 19, 2009:
-
Not broadcasting the SSID keeps passive scanning tools from finding your AP's and may be a layer of security that you like. I have done a lot of work with companies and government networks that still hide their SSID's. However, roaming will suffer as you have seen. This practice forces roaming stations to use active probes. If you do not need a fast roam, that is fine. If you are supporting VoFi phones your users may experience dropped calls when using SSID hiding. A better practice for SSID use is to use SSID's that do not identify who you are, unless you are building hotspots or using your beacons as ads, and SSID's that do not reveal the physical location of the AP's. I often tell students that hidding the SSID is like not having your company name on the outside of the building. People can still see the delivery trucks with your name on them coming and going, letting them see your name. When very few people had WLAN's this was a common security measure. Now it is expected that most businesses have a wireless network, making things like "war driving", SSID hiding and MAC filters less valuable than they once were. Before you make any changes, consult your written security policies, to ensure your compliance with corporate standards.
- 1