Microsoft Tightens Wireless LAN Security

Heeding customers' requests for stricter Wi-Fi security, Microsoft is adopting a new standard that supplants WEP. Learn more about the update and how you can be protected.

A new wireless LAN security solution for Windows XP is now a free download at Microsofts Web site. Based on the Wi-Fi Alliances new replacement for its Wired Equivalent Privacy (WEP) solution, Wireless Protected Access (WPA), this security offering is designed for both home and business users of Windows XP. There are no similar downloads for Windows 9.x or 2000, since the software is aimed at wireless features these operating systems do not have.

The Wi-Fi Alliance is a standards body that oversees certification and interoperability for Wi-Fi products. It developed the new WPA standard to provide more robust data encryption and network authentication than WEP offered.

"Many IT managers are hesitant to enable wireless connectivity in their organizations due to security concerns," said Jawad Khaki, corporate vice president of Windows Networking and Communications Technologies at Microsoft, in announcing the download. Indeed, the Wi-Fi Alliance has been predicting that many IT managers will balk at installing the current wave of 802.11g Wi-Fi products precisely because 802.11g is not yet a ratified standard, which raises both security and interoperability issues. 802.11g is a faster wireless solution than the widely used 802.11b. Dennis Eaton, chairman of the Wi-Fi Alliance, recently told PC Magazine, "We expect that the ratification of the g standard will come around June, and by fall, many enterprises will start upgrading their wireless networks."

According to Microsofts Khaki, the new WPA standard resolves existing cryptographic weakness and puts forward a new method for distributing encryption keys automatically. WPA also performs an integrity check on wirelessly transferred data, helping to prevent a malicious attacker from modifying packets. Finally, the new Microsoft code authenticates users on a network and puts in place protections against users joining what the company calls rogue wireless networks.

According to analysts at market researcher firm Gartner, wireless LANs (WLANs) in the professional mobile PC arena will grow to 50 percent penetration by the end of this year, up from 9 percent in 2000.