Competitive: Cisco Multiple Vulnerabilities in WLAN Controller

R Rajiv Iyer 3 years 6 months ago
1 0 0

All, Cisco announced multiple security vulnerabilities in their WLAN controllers (WLC) both standalone and WiSM modules.See link for details. http://www.cisco.com/en/US/products/products_security_advisory09186a0080...

Vulnerabilities like ACL bypass show the perils of not having an integrated firewall in the wireless lan controller. Cisco relies on a separate firewall appliance which is not in the datapath when traffic is bridged at the AP.
Wireless LAN controllers crashing and rebooting due to malicious IKE packet points to missing sanity checks on the IPSec packets.
For Cisco WLC customers, this is yet another reminder that Cisco WLC running legacy Airespace OS do not have the same level of security as Cisco wired products running IoS.

It is time to remind Cisco WLC customers that, Motorola wireless switch controllers and APs have a built in firewall that defend against malformed packets and a stateful layer 2 firewall that inspects all traffic  wired or wireless! -Rajiv

CONTACT
Can’t find what you’re looking for?