When it comes to designing, managing, and optimizing wireless LANs, you can't avoid the subject of security. Because of the fundamental nature of WLANs—with data packets traveling freely through the air where they can be intercepted by attackers—security will always be a high priority in WLAN deployments.
As you can see in Figure A, administrators use a variety of methods to lock down wireless networks. There simply isn't one standard way to accomplish the task. Since WLAN security is by nature so pluralistic and challenging, we've put together a list of articles from TechRepublic and TechProGuild that provide guidance and/or point to resources you can use to harden your wireless network(s).
- "Keep up with public wireless dangers and Wi-Fi security standards"
Roaming employees who connect to other WLANs can pose a security threat to your network. See why it's important to keep up with the latest developments in WLAN security.
- "Wireless LAN security Q&A"
This article from Gartner explains the history of WLAN security and looks at how security standards are currently evolving.
- "Follow these steps to tighten security on Linksys wireless networks"
Linksys wireless equipment remains one of the most popular in use among SOHOs, small companies, and remote offices. This article provides some great tips for hardening Linksys access points.
- "WPA wireless security offers multiple advantages over WEP"
WEP's inadequacies are known far and wide, but the WPA standard is updating and strengthening WEP. See how WPA works and how you'll be able to take advantage of it to protect your WLAN.
- "Cisco's LEAP provides superior WLAN security"
For companies that need a highly secure wireless deployment right away, their best bet is probably to go with Cisco wireless equipment and implement LEAP.
- "ReefEdge and AirDefense offer WLAN security packages"
For enterprises that need to connect and audit multiple wireless networks, a third-party WLAN security solution can greatly streamline and coordinate the process. ReefEdge and AirDefense are two companies that offer excellent wireless security options.
The following TechProGuild articles require a subscription. (If you'd like a 30-day free trial, just click on one of the articles below and follow the prompts.)
- "Design a secure wireless LAN"
Here's a look at some important wireless security principles you need to keep in mind when first setting up a WLAN.
- "Six tips for implementing closed networking on a wireless network"
Learn the steps you need to take to close your wireless network from outsiders who try to connect to your WLAN and steal bandwidth, sabotage data, and engage in other nefarious activities.
- "AiroPeek NX is a wireless security jack-of-all-trades"
WildPackets' AiroPeek NX provides a multifaceted tool that administrators can use to capture and examine wireless packets, which provide abundant data for security auditing.
- "Stumble across rogue wireless access points"
One of the biggest WLAN security problems in many organizations is the presence of "rogue access points"—APs that have not been deployed by IT but by another employee or department. These access points usually do not have any security measures in place and put the network at risk for an easy attack. This article shows how admins can use a program called NetStumbler to track down these rogue APs.
- "Make a robust wireless audit of your network with Kismet"
Another tool for sniffing out rogue access points is Kismet, which can do just about everything NetStumbler can do and more. NetStumbler runs on Windows, but Kismet is designed for Linux/UNIX systems.
- "Launch an IDS to detect rogue wireless access points"
Another way to root out rogue APs is to use an intrusion detection system (IDS). This article explains how this approach works.
Wireless security can be a tricky and time-consuming game. However, it's a high priority for any networks that include WLANs. These resources can help you get the upper hand.