What Are The Steps That Has To Be Taken For Maintaining The WLAN Security?

Following are few steps that can be taken to improve and maintain WLAN (WIRELESS LOCAL

AREA NETWORK) security

1. Discovery and Mitigation of Rogue WLAN (WIRELESS LOCAL AREA

NETWORK) s and Vulnerabilities 

The foundation for all WLAN (WIRELESS LOCAL AREA NETWORK) security starts

by understanding the environment in which the WLAN (WIRELESS LOCAL AREA

NETWORK) operates (Khatod, A. 2004).

Unauthorized WLAN (WIRELESS LOCAL AREA NETWORK) s – which includes

access points, soft access points (laptops behaving as access points), user stations,

wireless bar code scanners and printers -- symbolize one of the biggest hazards to

organization network security by creating an open entry point to the organization network

that bypasses all existing security measures (Khatod, A. 2004).

A simple WLAN (WIRELESS LOCAL AREA NETWORK) can be easily installed by

connecting a $50 access point to a wired network and a $40 WLAN (WIRELESS

LOCAL AREA NETWORK) card to a laptop, employees are setting up unauthorized

WLAN (WIRELESS LOCAL AREA NETWORK) s even when IT departments are slow

to embrace the new technology or even opposed to it. These unauthorized access points

generally lack standard security and thus bypass an organization's investment in network

security (Khatod, A. 2004).

Insecure wireless user stations such as laptops pose an even higher risk to the security of

the organization network than unauthorized access points. The default configuration of

these devices offers insufficient and limited security and can be easily misconfigured.

Attackers can use any unauthorized wireless station as a launch pad to breach the network

(Khatod, A. 2004).

The same insecurity can come from network vulnerabilities originating from improperly

configured WLAN (WIRELESS LOCAL AREA NETWORK) s. Neighboring WLAN

(WIRELESS LOCAL AREA NETWORK) s located in the same area as the WLAN

(WIRELESS LOCAL AREA NETWORK) also pose risks of the neighboring stations

accessing your network and interfering on wireless channels (Khatod, A. 2004).

Freeware, commercial scanners can survey the airwaves for unauthorized access points

and some network vulnerabilities. A slow and time-consuming effort, this process

demands a network administrator to physically walk through the WLAN (WIRELESS

LOCAL AREA NETWORK) coverage area looking for wireless data and is limited in

effectiveness because it only examines the airwaves for existing threats (Khatod, A. 2004).
 New unauthorized access points and other vulnerabilities can appear after a scan and

might not be detected until the next time a network administrator checks the network.

John Girard, at Gartner Inc., stated at a security conference in Europe that the feeblest

effective way to achieving this is to buy a handheld "sniffer" and patrol the perimeter of

the organization's network (Khatod, A. 2004).

According to wireless security experts, discovery of unauthorized access points, stations

and vulnerabilities is best accomplished with 24/7 monitoring of the WLAN (WIRELESS

LOCAL AREA NETWORK). Continuous monitoring will identify when and where the

unauthorized access point first appeared, who it connected to, how much data was

exchanged between them and the direction of traffic in real time. Installing separate set of

wireless intrusion-detection sensors is one secure method is to avoid attacks (Khatod, A.

2004).

2. Isolate All Access Points and Devices 

The next step in WLAN (WIRELESS LOCAL AREA NETWORK) security includes

perimeter control for the WLAN (WIRELESS LOCAL AREA NETWORK) . Each

wireless-equipped laptop should be secured by setting up a personal agent that can alert

the organization and user of all security vulnerabilities and implement accordance to

organization policies. Organizations should set up organization-class access points that

offer advanced security and management capabilities (Krishnamurthy, P. 2002).

Organizations should change the default Service Set Identifiers, which are basically the

names of each access point. Default SSIDs alert hackers to vulnerable WLAN

(WIRELESS LOCAL AREA NETWORK) s (Krishnamurthy, P. 2002).

 The SSIDs should be changed to names that are irrelevant to people outside the

organization. An SSID of "HQ Office" or " Accounts" only calls attention to valuable

information that a hacker would like to access to (Khatod, A. 2004).

Most organization-class access points also allow the user to limit which stations can

connect to it based on filtering of media access control addresses of authorized stations

(Krishnamurthy, P. 2002).

To eliminate the threat of attackers connecting to the WLAN (WIRELESS LOCAL

AREA NETWORK) from the parking lot or the floor above from where connection

speeds will be greatly reduced, access points should be configured to not allow the slower

connection speeds (Krishnamurthy, P. 2002).

3. Set and Implement WLAN (WIRELESS LOCAL AREA NETWORK) Policies 

Every organization network needs a policy for control and security. WLAN (WIRELESS

LOCAL AREA NETWORK) s are no different. While policies will be different based on

individual security and management requirements of each WLAN (WIRELESS LOCAL

AREA NETWORK) , a thorough policy -- and implementation of the policy -- can

protect an organization from unnecessary security attacks (Khatod, A. 2004).

WLAN (WIRELESS LOCAL AREA NETWORK) policies should begin with the basics

of forbidding unauthorized access points and ad hoc networks that can bypass network

security. Many security features, like WEP or VPNs and broadcast of SSIDs, are

controlled on the access points and stations, policies should be in place to stop the
 reconfiguration of access points and WLAN (WIRELESS LOCAL AREA NETWORK)

cards to change these features (Krishnamurthy, P. 2002).

WLAN (WIRELESS LOCAL AREA NETWORK) security is highly increased with

policies that limit WLAN (WIRELESS LOCAL AREA NETWORK) traffic to operate

on set channels, at connection speeds of 5.5Mbit/sec. and 11Mbit/sec., and only during

selected hours. By setting up a specific channel for each access point, all traffic on the

other channels can be identified as suspicious/unauthorized activities (Khatod, A. 2004).

A policy that all stations connect at the higher speeds protects a WLAN (WIRELESS

LOCAL AREA NETWORK) from attackers in the parking lot or neighboring office who

are likely too far away to connect at 5.5Mbit/sec. and 11Mbit/sec. A policy that limits

WLAN (WIRELESS LOCAL AREA NETWORK) traffic to selected hours of operation

protects a network from late-night attacks of an attacker in the parking lot connecting to

the network or an employee sending sensitive data from the wired network to a wireless

network while no one else is around (Krishnamurthy, P. 2002).

Although policies are necessary, they can be useless without being implemented. Similar

to the effective discovery of network vulnerabilities, policy implementation requires 24/7

monitoring of a WLAN (WIRELESS LOCAL AREA NETWORK) (Krishnamurthy, P.

2002).

4. Invasion Detection and Protection 

Security mangers rely on invasion-detection and protection to ensure that all components

of WLAN (WIRELESS LOCAL AREA NETWORK) s are secure and protected from
 wireless threats and attacks. While many organizations have already set up intrusion-

detection systems for their wired networks, only a WLAN (WIRELESS LOCAL AREA

NETWORK) -focused IDS can protect the network from attacks in the airwaves before

the traffic reaches the wired network (Khatod, A. 2004). 

The most advanced wireless IDS includes the real-time monitoring of 802.11a/b/g

protocols. By continuous monitoring of all WLAN (WIRELESS LOCAL AREA

NETWORK) attack signatures, protocol analysis, statistical anomaly and policy

violations, organizations are able to detect attacks against the WLAN (WIRELESS

LOCAL AREA NETWORK) , including identity thefts from MAC spoofing, man-in-the-

middle and denial-of-service attacks, and anomalous traffic from unusual off-hours

activity or large downloads (Krishnamurthy, P. 2002).

The Layered Approach

With the cost of a wireless infrastructure decreasing with every innovative development, it is

becoming easier for people to use it for work and play anywhere they desire. It is also easier,

however, for hackers to exploit the short comings of WLAN (WIRELESS LOCAL AREA

NETWORK) s to break into networks through wireless back doors making millions of dollars

spent on firewalls and wired IDS useless. Without proper security, the integrity of valuable

information can be degraded (Khatod, A. 2004).

A layered approach is the only way to fully secure a network. Isolating devices and

communication between devices is a start; however, organizations must also have visibility into
their wireless network to understand where attacks are occurring. To achieve this, 24/7

monitoring of the air space is required to enable safe setting up of WLAN (WIRELESS LOCAL

AREA NETWORK) s. (Khatod, A. 2004).

Reference

Krishnamurthy, P. 2002. Wireless Technology. In Encyclopedia.com.Retrieved on 2 May 2021,

from https://www.encyclopedia.com/computing/news-wires-white-papers-and-

books/wireless-technology

Khatod, A. 2004. Five Steps To WLAN Security -- A Layered Approach. In ComputerWorld

.Retrieved on 2 May 2021, from https://www.computerworld.com/article/2567117/five-

steps-to-wlan-security----a-layered-approach.html