Professional Documents
Culture Documents
Following are few steps that can be taken to improve and maintain WLAN (WIRELESS LOCAL
The foundation for all WLAN (WIRELESS LOCAL AREA NETWORK) security starts
access points, soft access points (laptops behaving as access points), user stations,
wireless bar code scanners and printers -- symbolize one of the biggest hazards to
organization network security by creating an open entry point to the organization network
connecting a $50 access point to a wired network and a $40 WLAN (WIRELESS
WLAN (WIRELESS LOCAL AREA NETWORK) s even when IT departments are slow
to embrace the new technology or even opposed to it. These unauthorized access points
generally lack standard security and thus bypass an organization's investment in network
Insecure wireless user stations such as laptops pose an even higher risk to the security of
the organization network than unauthorized access points. The default configuration of
these devices offers insufficient and limited security and can be easily misconfigured.
Attackers can use any unauthorized wireless station as a launch pad to breach the network
(Khatod, A. 2004).
The same insecurity can come from network vulnerabilities originating from improperly
(WIRELESS LOCAL AREA NETWORK) s located in the same area as the WLAN
(WIRELESS LOCAL AREA NETWORK) also pose risks of the neighboring stations
Freeware, commercial scanners can survey the airwaves for unauthorized access points
and some network vulnerabilities. A slow and time-consuming effort, this process
LOCAL AREA NETWORK) coverage area looking for wireless data and is limited in
effectiveness because it only examines the airwaves for existing threats (Khatod, A. 2004).
New unauthorized access points and other vulnerabilities can appear after a scan and
might not be detected until the next time a network administrator checks the network.
John Girard, at Gartner Inc., stated at a security conference in Europe that the feeblest
effective way to achieving this is to buy a handheld "sniffer" and patrol the perimeter of
and vulnerabilities is best accomplished with 24/7 monitoring of the WLAN (WIRELESS
LOCAL AREA NETWORK). Continuous monitoring will identify when and where the
unauthorized access point first appeared, who it connected to, how much data was
exchanged between them and the direction of traffic in real time. Installing separate set of
2004).
The next step in WLAN (WIRELESS LOCAL AREA NETWORK) security includes
perimeter control for the WLAN (WIRELESS LOCAL AREA NETWORK) . Each
wireless-equipped laptop should be secured by setting up a personal agent that can alert
the organization and user of all security vulnerabilities and implement accordance to
Organizations should change the default Service Set Identifiers, which are basically the
names of each access point. Default SSIDs alert hackers to vulnerable WLAN
organization. An SSID of "HQ Office" or " Accounts" only calls attention to valuable
Most organization-class access points also allow the user to limit which stations can
(Krishnamurthy, P. 2002).
AREA NETWORK) from the parking lot or the floor above from where connection
speeds will be greatly reduced, access points should be configured to not allow the slower
Every organization network needs a policy for control and security. WLAN (WIRELESS
LOCAL AREA NETWORK) s are no different. While policies will be different based on
WLAN (WIRELESS LOCAL AREA NETWORK) policies should begin with the basics
of forbidding unauthorized access points and ad hoc networks that can bypass network
security. Many security features, like WEP or VPNs and broadcast of SSIDs, are
controlled on the access points and stations, policies should be in place to stop the
reconfiguration of access points and WLAN (WIRELESS LOCAL AREA NETWORK)
policies that limit WLAN (WIRELESS LOCAL AREA NETWORK) traffic to operate
on set channels, at connection speeds of 5.5Mbit/sec. and 11Mbit/sec., and only during
selected hours. By setting up a specific channel for each access point, all traffic on the
A policy that all stations connect at the higher speeds protects a WLAN (WIRELESS
LOCAL AREA NETWORK) from attackers in the parking lot or neighboring office who
are likely too far away to connect at 5.5Mbit/sec. and 11Mbit/sec. A policy that limits
protects a network from late-night attacks of an attacker in the parking lot connecting to
the network or an employee sending sensitive data from the wired network to a wireless
Although policies are necessary, they can be useless without being implemented. Similar
2002).
Security mangers rely on invasion-detection and protection to ensure that all components
of WLAN (WIRELESS LOCAL AREA NETWORK) s are secure and protected from
wireless threats and attacks. While many organizations have already set up intrusion-
detection systems for their wired networks, only a WLAN (WIRELESS LOCAL AREA
NETWORK) -focused IDS can protect the network from attacks in the airwaves before
The most advanced wireless IDS includes the real-time monitoring of 802.11a/b/g
violations, organizations are able to detect attacks against the WLAN (WIRELESS
LOCAL AREA NETWORK) , including identity thefts from MAC spoofing, man-in-the-
middle and denial-of-service attacks, and anomalous traffic from unusual off-hours
With the cost of a wireless infrastructure decreasing with every innovative development, it is
becoming easier for people to use it for work and play anywhere they desire. It is also easier,
however, for hackers to exploit the short comings of WLAN (WIRELESS LOCAL AREA
NETWORK) s to break into networks through wireless back doors making millions of dollars
spent on firewalls and wired IDS useless. Without proper security, the integrity of valuable
A layered approach is the only way to fully secure a network. Isolating devices and
communication between devices is a start; however, organizations must also have visibility into
their wireless network to understand where attacks are occurring. To achieve this, 24/7
monitoring of the air space is required to enable safe setting up of WLAN (WIRELESS LOCAL
Reference
from https://www.encyclopedia.com/computing/news-wires-white-papers-and-
books/wireless-technology
steps-to-wlan-security----a-layered-approach.html