Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Wireless LAN Lockdown

    By
    Jason Brooks
    -
    February 3, 2003
    Share
    Facebook
    Twitter
    Linkedin

      The drastic drop in the cost of WLAN (wireless LAN) gear, along with the great extent to which 802.11b networking is now being built into notebook and handheld computers, virtually guarantees that wireless networking will secure a spot on your agenda—whether youve placed it there or not. IT administrators would do well, then, to head off a wireless groundswell by taking the lead in deploying these networks and doing so with the sort of attention to security that end users often cant afford to pay.

      In the past year, theres been some encouraging movement toward more secure wireless networking standards. However, as security standards for these networks mature, so, too, will the tactics of those who would crack them.

      Inherently Less Secure

      Wireless networks are fundamentally less secure than wired ones. Nearly every business, however, is already plugged in to perhaps the least secure network of all—the Internet. By regarding WLANs with the same suspicion they do the Internet, companies can unwire themselves with relatively high confidence.

      First, survey your WLAN coverage to make sure that access does not extend beyond your campus.

      Then, start with the security built in to Wi-Fi products. Although WEP (Wired Equivalent Privacy), the primary security mechanism that ships with 802.11b gear, has been proved flawed, it provides better protection than nothing.

      In addition, be sure to apply patches as vendors ready security updates for their WLAN hardware and software offerings (such as those this spring that will bring Wi-Fi Protected Access to existing equipment). If there were any doubts about the importance of patching, the Slammer worm outbreak last month should have put them to rest.

      Companies can protect themselves against casual attacks by enabling WEP, changing access point administration passwords and SSIDs (Service Set Identifiers) from their factory defaults, and separating the wireless network from the wired network into an Internet-access-only zone. Atop such a framework, companies can provide secure access to the network resources theyve sequestered in the same way that they provide these services across the Internet—with a VPN (virtual private network).

      This can be particularly attractive to companies that have already developed a VPN infrastructure to secure traffic across the Internet. And, because of the popularity of VPNs for securing Internet traffic, VPN clients ship with or are available for most operating systems and computing devices.

      VPN clients do impose additional processing power overhead that can be especially noticeable on handheld devices, but weve experienced good performance with the mobile VPN clients weve tested.

      Moving forward, client-side encryption capabilities should improve as chip makers build hardware acceleration engines for encryption algorithms into their processors. Transmeta Corp., for example, has announced it will do so in future Crusoe chips.

      Some WLAN equipment vendors have bolstered and otherwise extended WEP in their products—replacing, for example, WEPs static key mechanisms with dynamic ones.

      eWeek Labs recommends that companies eye such proprietary solutions with caution, however, because they generally require vendor homogeneity from access point to NIC.

      Wireless networking is all about flexibility and openness, two virtues that proprietary security technologies can work to suppress. And WLAN functionality is being built into a wide range of computing devices, many of which may not interoperate with a given proprietary security technology.

      For companies searching for a single, end-to-end solution—and willing to pay for it—vendors such as ReefEdge Inc. offer appliance and software-based solutions that provide for user authentication, traffic encryption and access point management in fairly turnkey packages. Such systems tend to be hardware-agnostic and offer benefits such as quality-of-service assurance and smooth roaming among access points.

      Companies with small or particularly well-managed networks can further boost security by disabling Dynamic Host Configuration Protocol within their WLANs, to keep closer control of users accessing the network, and by enabling media access control address filtering on access points, to limit network access to an authorized set of wireless NICs.

      Senior Analyst Jason Brooks can be reached at jason_brooks@ziffdavis.com.

      Making Sense of 802

      .11″>

      Making Sense of 802.11

      • 802.11a An extension of the 802.11 standard family that operates in the 5GHz band; by replacing the DSSS (direct sequence spread-spectrum) transmission technology of 802.11b with an OFDM (orthogonal frequency division multiplexing) encoding scheme, 802.11a can deliver speeds up to 54M bps
      • 802.11b The most widely used WLAN standard, 802.11b operates in the unlicensed 2.4GHz band and transmits in DSSS; maximum speeds for 802.11b top out at 11M bps
      • 802.11e An effort to boost the quality-of-service and multimedia capabilities of the other 802.11 standards while maintaining backward compatibility
      • 802.11g Uses the same OFDM scheme as 802.11a and will potentially deliver speeds on par with 802.11a; however, 802.11g gear operates in the 2.4GHz swath of spectrum that 802.11b equipment occupies and, for this reason, should be compatible with existing WLAN infrastructures
      • 802.11i Another complementary 802.11 standard, intended to boost security with improved key-distribution methods and advanced encryption technologies such as AES and TKIP
      Jason Brooks
      As Editor in Chief of eWEEK Labs, Jason Brooks manages the Labs team and is responsible for eWEEK's print edition. Brooks joined eWEEK in 1999, and has covered wireless networking, office productivity suites, mobile devices, Windows, virtualization, and desktops and notebooks. Jason's coverage is currently focused on Linux and Unix operating systems, open-source software and licensing, cloud computing and Software as a Service. Follow Jason on Twitter at jasonbrooks, or reach him by email at jbrooks@eweek.com.

      MOST POPULAR ARTICLES

      Big Data and Analytics

      Alteryx’s Suresh Vittal on the Democratization of...

      James Maguire - May 31, 2022 0
      I spoke with Suresh Vittal, Chief Product Officer at Alteryx, about the industry mega-shift toward making data analytics tools accessible to a company’s complete...
      Read more
      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Applications

      Cisco’s Thimaya Subaiya on Customer Experience in...

      James Maguire - May 10, 2022 0
      I spoke with Thimaya Subaiya, SVP and GM of Global Customer Experience at Cisco, about the factors that create good customer experience – and...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×