Date Added: Jan 2012
Wireless LAN security is a work in progress. The protocols are evolving to meet the needs of serious users. Until the protocols have proven themselves, the best course of action for network engineers is to assume that the link layer offers no security. Treat wireless stations as one would treat an unknown user asking for access to network resources over an un-trusted network. Polices and resources developed for remote dial up users may be helpful because of the similarity between a wireless stations and a dial up client. Both are unknown users who must be authenticated before network access is granted, and the use of an Untrusted network means that strong encryption (IPSec, SSl or SSH) should be required.