Well, I am finally ready to bring the whole Sputnik article series home. Some highlights from the previous articles include:

  • There are some bugs-

    As it turns out, it was an issue with the fact that I had already set things up for guest usage without any sort of specific user or credit card validation. So, there was a bug that prevented me from accessing the AP/Router’s login page (in any capacity). Well, I decided to backtrack the url being used, in order to see if I could find out something new. I mean, rebooting the PC, router, clearing cache and half a dozen other things certainly did not help.

  • The support dept is responsive-

    I was able to connect to a live person in under 30 seconds by choosing two simple options – nice.

  • It’s not pretty, but it is pretty darn functional-

    My first impression? This is not a visually impressive router by any means, none the less I am sure it will meet the needs I have in mind for it.

So what policy did I finally settle on and am I able to filter out malicious MAC addresses? Yes I have a good policy in place and filtering MAC addresses is entirely overcomplicated.

Deciding that I’d like to have users actually logging in with expiring accounts based on my time frame, I went with a policy that allows for self user account creation with an expiration of date of 2 months of inactivity.

There are a few reasons for me choosing this route. The first is that I don’t have time to play babysitter with the WiFi users. Therefore, in addition to the short term accounts, I will soon be implementing GFI LANguard S.E.L.M. It’ll do the babysitting for me. If a malicious user does decide to create an account in an effort to hack a little bookstore (you’d be surprised), then they will discover two things on an intrusion attempt: One, the router itself is actually locked. No one can make ANY changes to its config without breaking in to reset the unit itself. Two, 99% of the configuration and information for Sputnik is secured on a Sputnik server – not at at the location. And finally three, since SELM will alert me to the intrusion via SMS, the intruder will find a very unhappy fella standing outside of their car with a camera taking photos of their activities; all the while making sure to get a shot of their notebook screen. (Either that or just pull them out of the car and beat them within an inch of their life with a boxed copy of Windows Me; just to add insult to injury)

Now, the really big question: Can one lock someone out via MAC address? Well, yes and no. Yes you can certainly kick them in real-time from your home via the Web interface with the Sputnik system. Banning them on the other hand, would require you to actually create a new device authentication system for ‘devices’. Add the MAC addy, then create a new network policy blocking any and all access for that device authentication system. It’s not really that intuitive, trust me. It would behoove Sputnik to simply bring back the old feature of creating a network policy to block based on a MAC addy. Um, duh!

Having said all of that, you can still block the MAC addy of your choice from the actual router web daemon itself, but that is so consumer level! Where’s the fun in that?

So after all is said and done, is it worth the money for the router and Sputnik service? Yes, yes it is. Having said this, I’d really like to see them add MAC filtering in a future update though. Other than that I love this service! Powerful, secure and fun to use!

[tags]wifi,hotspot,wireless security,mac address,sputnik,network policy,bookstore,router locking[/tags]