I'm looking at enabling 802.11k on my Cisco WLC. I see that it is a per-WLAN feature and that leads me to wonder if there might be any reason to not enable it? Specifically, does anyone know if there are security issues with providing clients the 802.11k neighbor list? if so, should i consider omitting 802.11k from my guest SSID?
Asked
Active
Viewed 777 times
2 Answers
7
I see no reason not to enable it if your WLC/AP's support it.
At the end of the day the neighbour list is only populated with neighbours that are under the same administrative control as the original AP and so it doesn't really open you up any more than a usual WiFi connection would.
David Rothera
- 2,798
- 17
- 20
5
802.11k is no greater security risk than a normal wireless network without 802.11k. Since the clients can already probe for your access points, this information is already available.
It can actually be a bit more secure as the information provided to the client will not include any rogue APs, so they will be less likely to be chosen.
The only reason I can think of for not enabling it is that there have been cases where client devices with older drivers (or where driver devs haven't taken into account 802.11k) may not handle 802.11k well which can lead to problems (disconnects mainly).
YLearn
- 27,511
- 5
- 62
- 130