Security for the operator

Operators of Public Spots are primarily interested in the security of their own network infrastructure. A Public Spot module provides operators with a range of security technologies and methods:

• Multi-SSID (only WLAN), VLAN and virtual routers
  • The safe separation of public access can be achieved using one or more different radio cells for an access point (Multi-SSID).
  • VLAN technology can separate public access from the private network of the operator.
  • Virtual routing technology ARF (Advanced Routing and Forwarding) from LANCOM Systems supplies one SSID with its own security and QoS settings and only specific destinations are routed on it.
  This ensures that guest access over a Public Spot is securely and effectively separated from the productive network, even though they share the same infrastructure. The device's internal firewall can, for example, limit the available bandwidth in the WAN to max. 50 %, and access can be restricted to web pages (HTTP, port 80) and name resolutions (UDP 53).
  Note: Further information on Multi-SSID, VLANs and ARF is available in the LCOS Reference Manual.
• Traffic limitTo avoid denial-of-service (DoS) and brute-force attacks on the Public Spot you can restrict the permissible data transfer for non-authenticated Public Spot participants to a harmless volume.
• Locking access to the configurationYou can lock access from your Public Spot network to device configurations (e.g., your access points, WLAN controllers or routers) so that access to configurations is only possible using other specified management interfaces.