Hi all,

We have an aironet 1142 to supply wireless to about 25 company devices and it's been rock solid.  We'd like to set up some extra security precautions though due to the sensitive data on our network (who doesn't? :P).

What we were hoping to set up is a method to view/log all TCP/UDP connections (ports, ips & amount of data transmitted) that are running between wireless clients and systems on our network.

I'm not sure if this is possible at all with the aironets.  Would I be correct in that the wireless AP works on layer 2 whilst this will require some level of packet inspection (layer 3) that the aironets might not support?.  Even if it is possible, will the little cpu inside the aironet get slammed?

Does Cisco have any solutions for this apart from putting an ASA or something between the WLAN & LAN?  Is data leak prevention solutions worth looking at? (the business objectives here)

Apologies for my noobness - I'm fairly new to cisco products & IOS.

Regards,

Morgan

IT Technician