The only thing you need to know about wireless security is that you cannot perimeter-ize it. Wireless technologies do not stop at any traditional network boundary, so you cannot focus your wireless security efforts at the boundaries.
Instead, you have to spread your security nets wide. You have to consider and defend each device with a wireless network card: each wireless access point, each computer, every handheld, each bit that travels your network bandwidth, and everywhere they go. You have to do this lest others attack them and, weakened, they become a playground for cruel marauders, free and open conduits right into your internal network, which then becomes a vast information treasure trove for your competition. To help you, I have put together a list of best practices for each of these in part two (see below); but first, a bit of background:
Wireless security features:
Two factors determine which wireless security features are available: the network mode and the IEEE standard. While additional add-on applications and devices exist that can broaden your security choices, if you don't understand the present limitations of most wireless devices, you won't know which of these, if any, may benefit you.
Wireless LANs can exist in either ad hoc (peer-to-peer) or infrastructure (all wireless devices have to connect to an access point) mode. In ad hoc mode, clients communicate directly with each other. Say two of your workers, Alice and Bob, set up their own ad hoc wireless LAN. Alice can expose vulnerable applications, shares and other things on her system to Bob. Unfortunately, they're exposed to just about anybody else with a wireless card. Congratulations, you just regressed your carefully constructed Windows 2000 Active Directory infrastructure to Windows for Workgroups. (It's not hard. XP automatically and by default will configure itself to discover and connect to a wireless access point if any exist and, if none exist, it places itself in ad hoc mode, so little cleverness is needed to set things up.) So where is the security in all this? The answer depends on which wireless standards are implemented in your hardware and software.
While quite a few emerging wireless standards exist, there are three which you are most likely to find in the present market: 802.11a, 802.11b and 802.1x. The oldest is the 802.11b standard, and most wireless LANs support it. The next one, 802.11a, is faster, but you cannot mix and match 802.11a and 802.11b hardware and software on your wireless LAN. 802.1x is an authentication standard for 802.11 wireless LANs, but it needs additional hardware and software for its implementation.
In a Windows 2000 network, you can use an Internet Authentication Service (IAS) server. It is part of Windows 2000, but it has to be installed and configured. Windows XP offers a native 802.1x client which can take advantage of this setup. Authentication can then occur via Extensible Authentication Protocol (EAP). This protocol describes basic authentication procedures common to most authentication protocols and permits administrative choice of supported add-ons. For Windows 2000 IAS, the supported protocols are EAP-TLS and Protected EAP (PEAP) with EAP-TLS. PEAP is intended to make up for the shortcomings of EAP, which does not protect user identity and negotiation procedures; EAP also does not address the problem of key exchange. TLS versions of this protocol require the use of certificates, while PEAP with EAP-MS-CHAP uses passwords.
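The ad hoc versus infrastructure distinction described above is visible on the air: every 802.11 beacon carries a Capability Information field whose ESS, IBSS and Privacy bits say which mode a network runs in and whether it requires encryption. The following Python code is an added example, not part of the original article; it parses beacon bodies and flags ad hoc and unencrypted networks. The sample beacons, SSIDs and function names are constructed for illustration.

```python
import struct

ESS, IBSS, PRIVACY = 0x0001, 0x0002, 0x0010  # 802.11 Capability Information bits

def parse_beacon_body(body: bytes) -> dict:
    """Parse an 802.11 beacon body: 12 bytes of fixed fields, then tagged elements."""
    if len(body) < 12:
        raise ValueError("beacon body shorter than the 12-byte fixed fields")
    # timestamp (8 bytes), beacon interval (2), capability information (2), little-endian
    _timestamp, _interval, cap = struct.unpack_from("<QHH", body, 0)
    ssid, pos = None, 12
    while pos + 2 <= len(body):
        elem_id, length = body[pos], body[pos + 1]
        value = body[pos + 2 : pos + 2 + length]
        if len(value) < length:
            break  # truncated element: stop rather than read past the frame
        if elem_id == 0:  # element ID 0 is the SSID
            ssid = value.decode("utf-8", errors="replace")
            break
        pos += 2 + length
    # Exactly one of ESS/IBSS should be set; anything else is reported as unknown.
    mode = {ESS: "infrastructure", IBSS: "ad hoc"}.get(cap & (ESS | IBSS), "unknown")
    return {"ssid": ssid, "mode": mode, "privacy": bool(cap & PRIVACY)}

def audit(bodies):
    """Return (ssid, issue) findings for ad hoc and unencrypted networks."""
    findings = []
    for body in bodies:
        net = parse_beacon_body(body)
        if net["mode"] == "ad hoc":
            findings.append((net["ssid"], "ad hoc network: peers talk directly, no access point"))
        if not net["privacy"]:
            findings.append((net["ssid"], "privacy bit clear: network does not require encryption"))
    return findings

def make_body(cap: int, ssid: str) -> bytes:
    """Build a constructed beacon body (hypothetical helper for the samples below)."""
    return struct.pack("<QHH", 0, 100, cap) + bytes([0, len(ssid)]) + ssid.encode()

# Constructed sample beacons, not captured traffic.
SAMPLES = [make_body(ESS | PRIVACY, "corp-wlan"),
           make_body(IBSS, "alice-bob"),
           make_body(ESS, "guest")]

if __name__ == "__main__":
    for ssid, issue in audit(SAMPLES):
        print(f"{ssid}: {issue}")
```

The Privacy bit only shows that some encryption is required; it does not say whether 802.1x authentication is in use.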