Those of you using NSCAN...did you have to implement any additional, beyond the normal security measures for the wireless network? We have a venue that has its own wireless network but I'm wondering if we should set up a separate wireless network for the scanners only.
We have the access control on a separate WLAN which uses a unique VLAN, MAC address restrictions, static IPs, and firewall with only the 6 IP addresses assigned to the scanners allowed through the firewall. We went a little extreme there, mainly due to PCI - since it is a wireless network (albeit private) and it is talking to the WebAPI (which is in itself a layer of security) we just wanted to be extra diligent in being able to confidently address the requirements.
The ability to have multiple WLANS with varying security and setup is a nice benefit of the additional investment of a Cisco or similar enterprise class wireless controller.
We addressed this with David Judd when he was here for a different reason. I was concerned with exposing the NSCAN API to the internet for fear it could be used to collect CC info from Tessitura. David assured us that there is never any CC information passed by nscan. Because of that these scanners should be safe to use over any network. While I do think that a WPA protected network is a good choice it shouldn't really matter if they are run over an open network since the snooper could only get a patron name and seat number returned to them. That being said I don't think I would ever use an open network for them but they should not pose any PCI issue at all.
-Rich