LEE 1

There are many wireless LAN security issues that require attention. If and how you handle these problems depends greatly on your security requirements. From the threat of unauthorized users accessing your network and eavesdropping your internal network communications by connecting with your wireless LAN (WLAN), there are a variety of threats posed by insecure or improperly secured WLANs. Here is a brief list with descriptions of some of the primary threats: Rogue WLANs Whether your enterprise has an officially sanctioned wireless network or not, wireless routers are relatively inexpensive, and ambitious users may plug unauthorized equipment into the network. These rogue wireless networks may be insecure or improperly secured and pose a risk to the network at large. Spoofing Internal Communications An attack from outside of the network can usually be identified as such. If an attacker can connect with your WLAN, they can spoof communications that appear to come from internal domains. Users are much more likely to trust and act on spoofed internal communications. Theft of Network Resources Even if an intruder does not attack your computers or compromise your data, they may connect to your WLAN and hijack your network bandwidth to surf the Web. They can leverage the higher bandwidth found on most enterprise networks to download music and video clips, using your precious network resources and impacting network performance for your legitimate users.

Protecting Your Network from Your WLAN LAN segmentation is used by many organizations to break the network down into smaller, more manageable compartments. Using different LAN segments or virtual LAN (VLAN) segments has a number of advantages. It can enable an organization to expand their network, reduce network congestion, compartmentalize problems for more efficient troubleshooting, and improve security by protecting different VLANs from each other. The improved security is an excellent reason to set your WLAN up on its own VLAN. You can allow all of the wireless devices to connect to the WLAN, but shield the rest of your internal network from any issues or attacks that may occur on the wireless network. Using a firewall, or router ACL (access control lists), you can restrict communications between the WLAN and the rest of the network. If you connect the WLAN to the internal network via a web proxy or VPN, you can even restrict access by wireless devices so that they can only surf the Web, or are only allowed to access certain folders or applications.

Secure WLAN Access Segmenting your WLAN from the rest of your network will help to protect the internal network from any issues or attacks on the wireless network, but there are still other steps you can take to protect the wireless network itself. By encrypting your wireless communications and requiring users to authenticate before connecting, you can ensure unauthorized users do not intrude on your WLAN and that your wireless data cannot be intercepted.

LEE 2

Wireless Encryption One of the ways to ensure unauthorized users do not eavesdrop on your wireless network is to encrypt your wireless data. The original encryption method, WEP (wired equivalent privacy), was found to be fundamentally flawed. WEP relies on a shared key, or password, to restrict access. Anyone who knows the WEP key can join the wireless network. There was no mechanism built in to WEP to automatically change the key, and there are tools available that can crack a WEP key in minutes, so it wont take long for an attacker to access a WEP-encrypted wireless network. Conclusion Wireless networks can increase efficiency, improve productivity and make networking more cost effective, but if they are not properly implemented they can also be the Achilles heel of your network security and expose your entire organization to compromise. Take the time to understand the risks, and how to secure your wireless network so that your organization can leverage the convenience of wireless connectivity without creating an opportunity for a security breach.

LEE 3

References

Terry, J., & Heiskala, J. (2002). OFDM Wireless LANs : A Theoretical and Practical Guide. Pearson Education, Inc.

Santamara, A. A., & Lpez-Hernndez, F. J. (2001). Wireless LAN Standards and Applications. Artech House, Inc.

Oppenheimer, P., & Bardwell, J. (2002). Troubleshooting Campus Networks : Practical Analysis of Cisco and LAN Protocols. John Wiley & Sons, Inc. (US).