12.5. Wireless Topologies
A wireless network's placement within a network can greatly impact the security level of the network. Many wireless networks, for ease of use, will want to have NAT disabled, allowing AppleTalk and Bonjour connections into devices on the wired network. For larger networks where security is paramount, network administrators should strongly consider putting an Apple AirPort in a demilitarized zone (DMZ). A DMZ sits outside the corporate firewall and can have a completely different set of rules for how network traffic is managed.
The default configuration of an Apple AirPort has NAT enabled. This removes the ability of the wireless clients to communicate over broadcast networks with upstream networks. However, clients ...
Get Enterprise Mac Security: Mac OS X Snow Leopard now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
