This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Extreme Networks
- Community List
- Wireless
- ExtremeWireless (WiNG)
- Is mu to mu a security risk?
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Is mu to mu a security risk?
Is mu to mu a security risk?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
07-25-2017 09:27 PM
I work on a campus, with 500+ students.
Actually we dont have any kind of auth to the wifi, everyone can access it.
But there is too many complaints about whatsapp calling not working.
And we checked that this problem happens when we disable mu to mu communication.
When mu to mu communication is activated, does it allow someone to sniff packets? Can i let this mu to mu communication activated without any security problem?
Actually we dont have any kind of auth to the wifi, everyone can access it.
But there is too many complaints about whatsapp calling not working.
And we checked that this problem happens when we disable mu to mu communication.
When mu to mu communication is activated, does it allow someone to sniff packets? Can i let this mu to mu communication activated without any security problem?
7 REPLIES 7
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
07-26-2017 12:41 AM
It looks like 'whatsapp' is similar to SKYPE and/or other 3rd party messaging software. The MU to MU disallow feature allows the wireless controller and/or AP to block communications exchanged between clients associated to a WLAN. Once enabled on a WLAN, the wireless controller/AP will block at layer 2 any communication attempts made between all MU MAC addresses associated to the WLAN. This feature also can affect communications between wireless clients and wireless printers associated to the same WLAN.
The primary application for disabling MU to MU communications is Hotspot guest. As the user devices on a Hotspot are typically un-managed, disabling MU to MU communications protects MUs from other MUs, which may be infected with worms and viruses. Additionally disabling MU to MU communications also protects devices malicious attacks from other MUs as well as prevents undesired peer-to-peer file sharing or on-line gaming from dominating bandwidth.
The MU to MU disallow feature will only block communications exchanged between MUs on the same WLAN and will not block MU to MU communications between MUs associated on different WLANs and subnets. To block communications between MUs associated on different WLANs or subnets, the integrated stateful firewall must be used.
When WLAN is open (no encryption and/or authentication), with or without mu to mu communications enabled/disabled, your WLAN is at risk of viruses or malicious attacks.
The primary application for disabling MU to MU communications is Hotspot guest. As the user devices on a Hotspot are typically un-managed, disabling MU to MU communications protects MUs from other MUs, which may be infected with worms and viruses. Additionally disabling MU to MU communications also protects devices malicious attacks from other MUs as well as prevents undesired peer-to-peer file sharing or on-line gaming from dominating bandwidth.
The MU to MU disallow feature will only block communications exchanged between MUs on the same WLAN and will not block MU to MU communications between MUs associated on different WLANs and subnets. To block communications between MUs associated on different WLANs or subnets, the integrated stateful firewall must be used.
When WLAN is open (no encryption and/or authentication), with or without mu to mu communications enabled/disabled, your WLAN is at risk of viruses or malicious attacks.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
07-26-2017 12:41 AM
When WLAN is open (no encryption and/or authentication), with or without mu to mu communications enabled/disabled, your WLAN is at risk of viruses or malicious attacks.
If you use a open network, every one can connect and sniff data (without connecting to the network!). Disabling MU to MU traffic you can stop attacks like MitM. But honeypots as example are possible.
If you use WPA1/2 with PSK it's the same for all people how know the PSK.
To secure your users you need to use authentication. I recommend to use TLS, it's the most secure connection, but you need a PKI and Certificates for every client. Additional you can use PEAP MSCHAPv2, but it need 1-2 settings to really secure it (verify the AAA server). This can be a problem in a BYOD world.
Without authentication you can't call you network secure. Disabling MU to MU communication just stops communication between mobile units connected to the same wireless SSID.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
07-25-2017 09:36 PM
MU to MU communications is talking about client to client communications while on the same WLAN on the same controller. We turn disable MU to MU communication and I have an additional ACL on the WLAN controller that stops clients from talking to one another and only allows them to talk to their default gateway. Disabling these communications cuts down on network traffic and also enhances security.
