I have always previously access my company network just using regular VPN through my work issued laptop (this goes for my previous positions as well). They have now given us the option to self-install a remote access point (with one of their Aruba devices).
I’m just curious what the differences are. I assume this won’t be faster than my home WiFi and I assume the encryption level is the same. What is the advantage for me? What is the advantage for my employer?
Well without knowing what the configuration is like when it comes to the wireless access point and VPN its hard to tell. Is all your traffic on their wifi device tunnel to their back end?
At least with the VPN software you can bring up and down the VPN as you please based on what you are doing on the computer at the time.
Rap3 is a hardware VPN client. When it is connected to your network then some or all of the WIFI network traffic for clients connected to that device will go to the “corporate” network. If it is configured in tunnel mode then all wifi traffic for those clients connected will go down the pipe if it is split tunnel mode then only traffic destined for addresses on your corp network will go down the pipe (i.e. email server or file server). Dollars to donuts it is likely configured in split tunnel mode…
Specifically the device can not sniff your network. It is just a gateway to provide a wifi network to get you back to some “mother ship”. All your other devices and wifi networks will work as normal and aren’t subject to inspection. The RAP3 can defend itself and report back if it is being attacked to a central controller but it won’t do the same for your home network…
Source: I’m an Aruba Systems Engineer
The RAP3 device was pre-configured before being given to me. I am a novice computer user, is there a way for me to confirm the settings? Should I browse to 192.168.1.1 ? I already have a WiFi box set up, so I imagine I would just hit that instead.
I guess my paranoid mind is actually just asking, is this a device that they will use for nefarious purposes - to monitor my home wifi network and other devices.
That’s really interesting, thanks for the response!
I’m curious though, so what’s the advantage for the company to use these over the VPN that they have setup already on the laptop?
I understand the split tunnel mode. If I already have a WiFi box at home, I would only connect to this devices WiFi for my work machine, right? I assume if I connect to it from a personal device then my company would be monitoring my network traffic.
http://www.arubanetworks.com/products/access-points/rap-3/
Looks like they are configured by a controller and most likely they arent open for you to log into and check out.
Why dont you talk to the IT staff that is deploying this technology to ask what the pros and the cons are? All anyone can do in this sub is make educated guess, your IT staff can give you a clear understanding
I think they would have to be either launching an active attack against your home network (which would be very illegal), or passively sniffing your regular home network wireless traffic (you have a separate home wireless router, right?), which is also illegal I think given how google was slapped down for doing this via their street mapping cars.
Other than that, any packets that travel across the router are of course technically (and likely legally) in their control; you aren’t considering using it as your regular home router, are you? (I’m not at all familiar with the devices.)
That’s true. I was hoping for some third party advice. I was surprised that a corporate office would be offering networking equipment to end users.
I was not planning to use it to replace my home device.