After securing the wired network and configuring access for users, the next step is to add wireless access to the network. Modern wireless access dramatically increases the convenience and flexibility of the network. It also creates additional vulnerabilities, but through a well thought out network security plan that uses modern authentication and encryption methods, the wireless network can be every bit as secure as a wired network. The WPA2 standard can be deployed using either the local user database on the SonicWALL UTM appliance or with a remote authentication server such as RADIUS. SonicWALL's unique Lightweight Hotspot Messaging (LHM) provides a powerful and flexible method for authenticating and authorizing wireless hotspot users. This chapter discusses how to configure and operate SonicPoints. In larger wireless networks, multiple SonicPoints can be easily deployed and managed using SonicPoint profiles. The process of how SonicPoints can be used together with VPN policies to create a secure wireless bridge to further distribute the wireless network is described. There are different methods of authenticating users on the wireless network. Encryption and an external authentication server with CA certificates provide secure access for privileged users. Lightweight Hotspot Messaging supports any type of account management including guest accounts, and provides session control. There are other ways to secure one's wireless network as well, such as using WGS or VAPs.