Airport on a business LAN?

[nerveosu]

I setting up a LAN in our new office. On our new LAN, we need to
deploy a public wireless network without a password or
authentication for use in a conference room. (so clients can
come in with a laptop and connect hassel free). Because the
wireless access point would be connected directly to our LAN, it
would leave us exposed. I will be purchasing a router to connect
to our cable internet connection. Can I configure the router so
that the port for the conference room is more restrictive (only
allows email and web surfing)? Or do I need to purchase another
firewall device to stick in between our LAN and the wireless
access point?

 

[Bear]

Actually, what you probably want is Your

1) Cable Modem<->Firewall/router(A)
2) Firewall Router(A) <-> Firewall/router/wireless, Firewall/router(Lan)
3) firewall/router(Lan)<->office lan

The above would be the most secure...
Or you could do:
1) Cable Modem<->Firewall/router(A)
2) Firewall Router(A) <-> Firewall/router(B), wireless access point
3) firewall/router(B)<->office lan
You really don't care if the office lan people can get at the wireless systems. You do care if the wireless systems can get at the office lan systems. Doing anything other than either of the above would require a lot of firewall rules. With either of the above, you need minimal firewall rules. And the less rules, the less likely you are to make a mistake.

The other choice would be to see if your cable modem can support a "second system" and how much you might get charged for that. in that case plug both the wirelss base and your office lan firewall/router into the cable modem. This would be the simplest, but cost the most of course.