Security Considerations

 
Some of the major drawbacks to the implementation of a wireless network are
the inherent security issues. In a typical wired LAN, access to the physical network
is controlled by the physical locations of switches, wall ports, and so on.
With a WLAN, radio waves are the physical medium; therefore, anybody can
easily gain access to the physical portion of the network.
That is not to say that a wireless network is completely insecure.With the
proper implementation of WEP, protocol filtering, and Virtual Private Networks
(VPNs), a wireless network can be almost as secure as a normal wired network.
However, it takes a great deal of planning and effort to implement a WLAN with
this level of security.This additional overhead of work plus the general fear of a
possible security breach is one of the primary reasons that wireless networks are
not as prominent in the corporate world as one might expect.
When designing a WLAN, security should be one of the most important factors
in the design plans. Whenever an AP or any other wireless network device is
implemented, it should be configured to be as secure as possible, use the highest
level of encryption that it can, and meet the security policies implemented
throughout the rest of the WLAN. Ensuring the implementation of high security
standards throughout the WLAN is the only way to mitigate the risks involved in
using radio waves as the physical medium.To ensure the highest possible security of a WLAN, it is critical to encrypt
wireless transmissions by using WEP. If WEP is not implemented in a WLAN,
every wireless transmission on the WLAN can be intercepted using a simple
sniffer on a laptop with a wireless card.Any network traffic not encrypted by
default will be available in cleartext to an intruder.
Using protocol filtering or limiting access to a network based on wireless
card MAC addresses are two additional methods of ensuring the security of a
WLAN. Protocol filtering allows you to prevent the use of various unsafe or
non-preferred protocols on your WLAN. Limiting WLAN access based on MAC
addresses will prevent any intruders from connecting to the APs unless they have
gained access to an authorized wireless network card. Both of these methods can
help a great deal in securing a wireless network.
Another design that helps secure a WLAN is the use of VPNs. Using a VPN to
connect a wireless network to a wired network can help prevent any successful
intruders of the WLAN from getting access to the network devices or systems on
the wired LAN.This added layer of separation can also make it easy to add a firewall
between the WLAN and the wired LAN to prevent various attacks against the
wired LAN devices that could potentially come from the WLAN.