• Replies 7 replies
  • Subscribers 337 subscribers
  • Views 32 views
  • Users 0 members are here
Related

NSCAN - Wireless Security

Former Member
Former Member $organization

Those of you using NSCAN...did you have to implement any additional, beyond the normal security measures for the wireless network? We have a venue that has its own wireless network but I'm wondering if we should set up a separate wireless network for the scanners only.

Parents
  • $organization
    1024x768 false false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4

    That was my assessment as well – but we went ahead and used WPA2 encryption

    We have a different WLAN that is open

     

    Nathan Campbell
    Manager of Support and Systems Analysis
    Dallas Symphony Orchestra
    Morton H. Meyerson Symphony Center
    Schlegel Administrative Suites
    2301 Flora Street
    Dallas, Texas 75201

    214-871-4026 - phone
    214-953-1218 - fax

    n.campbell@dalsym.com
    www.dallassymphony.com

    http://www.dallassymphony.com/images/clip_image001.gif


    From: Tessitura Technical Forum [mailto:forums-technical@tessituranetwork.com] On Behalf Of Rich Tepper
    Sent: Wednesday, November 03, 2010 1:31 PM
    To: Nathan Campbell
    Subject: Re: [Tessitura Technical Forum] NSCAN - Wireless Security

     

    We addressed this with David Judd when he was here for a different reason.  I was concerned with exposing the NSCAN API to the internet for fear it could be used to collect CC info from Tessitura.  David assured us that there is never any CC information passed by nscan.  Because of that these scanners should be safe to use over any network.  While I do think that a WPA protected network is a good choice it shouldn't really matter if they are run over an open network since the snooper could only get a patron name and seat number returned to them.  That being said I don't think I would ever use an open network for them but they should not pose any PCI issue at all.

    -Rich

    From: Nathan Campbell <bounce-nathancampbell1231@tessituranetwork.com>
    Sent: 11/3/2010 11:00:28 AM

    We have the access control on a separate WLAN which uses a unique VLAN, MAC address restrictions, static IPs, and firewall with only the 6 IP addresses assigned to the scanners allowed through the firewall. We went a little extreme there, mainly due to PCI - since it is a wireless network (albeit private) and it is talking to the WebAPI (which is in itself a layer of security) we just wanted to be extra diligent in being able to confidently address the requirements.

    The ability to have multiple WLANS with varying security and setup is a nice benefit of the additional investment of a Cisco or similar enterprise class wireless controller.




    This message was sent automatically to you by www.tessituranetwork.com because you subscribed to the Tessitura Technical Forum. You may reply to this message to post to the Technical forum or visit the site to search, read and post to the forums. In the interest of keeping the forum posts from becoming cluttered, we encourage you to delete previous message text from your reply before sending. Thank you!

Reply
  • $organization
    1024x768 false false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4

    That was my assessment as well – but we went ahead and used WPA2 encryption

    We have a different WLAN that is open

     

    Nathan Campbell
    Manager of Support and Systems Analysis
    Dallas Symphony Orchestra
    Morton H. Meyerson Symphony Center
    Schlegel Administrative Suites
    2301 Flora Street
    Dallas, Texas 75201

    214-871-4026 - phone
    214-953-1218 - fax

    n.campbell@dalsym.com
    www.dallassymphony.com

    http://www.dallassymphony.com/images/clip_image001.gif


    From: Tessitura Technical Forum [mailto:forums-technical@tessituranetwork.com] On Behalf Of Rich Tepper
    Sent: Wednesday, November 03, 2010 1:31 PM
    To: Nathan Campbell
    Subject: Re: [Tessitura Technical Forum] NSCAN - Wireless Security

     

    We addressed this with David Judd when he was here for a different reason.  I was concerned with exposing the NSCAN API to the internet for fear it could be used to collect CC info from Tessitura.  David assured us that there is never any CC information passed by nscan.  Because of that these scanners should be safe to use over any network.  While I do think that a WPA protected network is a good choice it shouldn't really matter if they are run over an open network since the snooper could only get a patron name and seat number returned to them.  That being said I don't think I would ever use an open network for them but they should not pose any PCI issue at all.

    -Rich

    From: Nathan Campbell <bounce-nathancampbell1231@tessituranetwork.com>
    Sent: 11/3/2010 11:00:28 AM

    We have the access control on a separate WLAN which uses a unique VLAN, MAC address restrictions, static IPs, and firewall with only the 6 IP addresses assigned to the scanners allowed through the firewall. We went a little extreme there, mainly due to PCI - since it is a wireless network (albeit private) and it is talking to the WebAPI (which is in itself a layer of security) we just wanted to be extra diligent in being able to confidently address the requirements.

    The ability to have multiple WLANS with varying security and setup is a nice benefit of the additional investment of a Cisco or similar enterprise class wireless controller.




    This message was sent automatically to you by www.tessituranetwork.com because you subscribed to the Tessitura Technical Forum. You may reply to this message to post to the Technical forum or visit the site to search, read and post to the forums. In the interest of keeping the forum posts from becoming cluttered, we encourage you to delete previous message text from your reply before sending. Thank you!

Children
No Data