Security Considerations
Some of the major drawbacks to the implementation of a wireless network are the inherent security issues. In a typical wired LAN, access to the physical network is controlled by the physical locations of switches, wall ports, and so on. With a WLAN, radio waves are the physical medium; therefore, anybody can easily gain access to the physical portion of the network. That is not to say that a wireless network is completely insecure.With the proper implementation of WEP, protocol filtering, and Virtual Private Networks (VPNs), a wireless network can be almost as secure as a normal wired network. However, it takes a great deal of planning and effort to implement a WLAN with this level of security.This additional overhead of work plus the general fear of a possible security breach is one of the primary reasons that wireless networks are not as prominent in the corporate world as one might expect. When designing a WLAN, security should be one of the most important factors in the design plans. Whenever an AP or any other wireless network device is implemented, it should be configured to be as secure as possible, use the highest level of encryption that it can, and meet the security policies implemented throughout the rest of the WLAN. Ensuring the implementation of high security standards throughout the WLAN is the only way to mitigate the risks involved in using radio waves as the physical medium.To ensure the highest possible security of a WLAN, it is critical to encrypt wireless transmissions by using WEP. If WEP is not implemented in a WLAN, every wireless transmission on the WLAN can be intercepted using a simple sniffer on a laptop with a wireless card.Any network traffic not encrypted by default will be available in cleartext to an intruder. Using protocol filtering or limiting access to a network based on wireless card MAC addresses are two additional methods of ensuring the security of a WLAN. Protocol filtering allows you to prevent the use of various unsafe or non-preferred protocols on your WLAN. Limiting WLAN access based on MAC addresses will prevent any intruders from connecting to the APs unless they have gained access to an authorized wireless network card. Both of these methods can help a great deal in securing a wireless network. Another design that helps secure a WLAN is the use of VPNs. Using a VPN to connect a wireless network to a wired network can help prevent any successful intruders of the WLAN from getting access to the network devices or systems on the wired LAN.This added layer of separation can also make it easy to add a firewall between the WLAN and the wired LAN to prevent various attacks against the wired LAN devices that could potentially come from the WLAN.
1640 times read
|
|
|