current community

your communities

more stack exchange communities

company blog
Stack Exchange Inbox Reputation and Badges
tour help
Sign up ×
Network Engineering Stack Exchange is a question and answer site for network engineers. It's 100% free, no registration required.
up vote -1 down vote favorite

I work for a big company. For some reasons we want to install a special kind of Wifi-Router in a test environment which has to communicate to an external host outside the company over port 9032.

However, the security officer does not want to open the port, since it is against the policies to attach non-company equipment to the company network.

Does anybody know a secure solution which could convince the security officer?

The router does not need to have access to the company network, only to the external host.

share|improve this question

closed as not a real question by Bulki, Mike Pennington, Adam Loveless, YLearn, Justin Seabrook-Rocha Jun 6 '13 at 18:08

It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.If this question can be reworded to fit the rules in the help center, please edit the question.
1  
Why not have the WiFi-router outside your network too with the external host since it doesn't need internal access? (Please try to add a bit more detail to the question such as who needs to connect to the WiFi-router and why you're considering it on your inside network.) – generalnetworkerror Jun 6 '13 at 9:26
1  
Following on from generalnetworkerror's answer, putting the wifi router in the DMZ seems like a no-brainer to me, so perhaps I am missing something. Please provide more details. – jwbensley Jun 6 '13 at 11:23
1  
sounds as if you're trying to do some cloudbased wifi APs. I doubt they're called wifi-routers. Anyways, security hates these sorta things. A DMZ would solve this however you may need a specific appliance or physical device to put there which may not even exist. – knotseh Jun 6 '13 at 13:45

1 Answer 1

up vote 0 down vote accepted

You will need to request a seperate network environment which prevents access from this device to the corporate network. This can be done either virtually or physically. This might convince your Security Officer.

share|improve this answer

Not the answer you're looking for? Browse other questions tagged or ask your own question.