Solutions for Detecting and Eliminating Rogue Wireless Networks

White Paper Published By: AirDefense

This paper presents the security risks inherit in wireless networks and explores the technical, functional and return on investment requirements needed for a monitoring solution for companies looking to protect and fortify their wireless networks from rogue wireless devices.

Tags :

wlan, wireless security, wireless freeloaders, wireless rogue, rogue, rogues, wireless infrastructure, monitoring

Published:	Apr 24, 2007
Type:	White Paper
Length:	7 pages

White Paper Best Practices for Hunting Down & Terminating Rogue Wireless LANs (WLANs) This paper provides an overview of the different types of rogue wireless LANs, risks faced by due to their proliferation and multiple approaches to detecting and mitigating rogue devices and networks. Enterprises that delay in deploying 802.11 wireless strong signal, it may connect with the new access LANs are facing increasing risks of employees point even if the AP is the laptop of an intruder in the installing their own rogue wireless LANs to the parking lot. enterprise network. Driven by the desire for mobility and fueled by the decreasing prices of wireless LAN Any wireless access point attached to a wired hardware, these employees circumvent an network essentially broadcasts an Ethernet enterprise's investment in IT security by plugging a connection and is a ramp to the entire enterprise $60 wireless LAN access point into an Ethernet jack network. Layer 1 and Layer 2 of a network is and connecting a $50 wireless access card to a typically protected by the CAT5 wire within a station. building in a traditional wired network but is exposed in a wireless LAN. These rogue wireless LANs are easy to install and provide the mobility that employees seek. However, Without proper security measures for authentication the end result is a wide-open entry point to the and encryption, any laptop with a wireless card can greater enterprise network. A rogue wireless LAN connect with the network or stealthily eavesdrop on effectively extends an Ethernet connection to anyone all network traffic across that access point from any inside and outside the building. Enterprises that have area within the colored areas on the map. decided not to deploy wireless LANs must first set a policy banning employees from installing their own Most rogue wireless LANs are deployed with networks and then determine how to enforce that consumer-grade hardware in defaults settings that policy. lack basic security measures of encryption, personalized Service Set Identifiers (SSIDs), and This paper provides an overview of risks Media Access Control (MAC) address filtering. organizations are facing due to proliferation of rogue However, even these basic steps of wireless LAN wireless LANs and describes multiple approaches to security provided by consumer-grade vendors are not detecting and terminating rogue networks. sufficient to secure enterprise wireless LANs, which require encryption beyond WEP, additional access

control filtering, intrusion detection, and 24x7 To understand the risks of rogue wireless LANs, one monitoring. must first understand the security vulnerabilities of all wireless LANs. Wireless LANs face all of the

security challenges of any wired networks in addition Just as employees first brought personal computers to to the new risks introduced by the wireless medium the office in the 1980s for their many benefits, that connects stations and access points. "Many Gartner clients have reported the First the medium in which a wireless LAN operates is discovery of "rogue" wireless LAN access points the air. Additionally, wireless devices self deploy that users had set up in the enterprise's and have the capability to connect to strangers. Due buildings. We know of several instances in to the growth of wireless LAN-enabled laptops and which corporate intranets were publicly the increasingly wireless-friendly Windows XP exposed - in locations with public access and Operating System, laptops in the default setting co-located with competitors - by wireless LAN automatically search for an access point in which to access points hidden by clever users." connect. Lastly, wireless devices are transient in the - Gartner way they connect. If a wireless device picks up a
employees are installing their own wireless LANs to with neighboring networks and ad-hoc, peer-to-peer corporate networks when IT departments are slow to networks. adopt the new technology. Soft Access Points While hardware APs have been the focus of security Even enterprises that are deplo... [download for more]

Browse Technology Topics

Data Center Virtualization, Cloud Computing, Infrastructure, Design and Facilities... more, Power and Cooling, Green Computing less		Data Management Application Integration, Analytical Applications, Business Intelligence... more, Configuration Management, Database Development, Data Integration, Data Mining, Data Protection, Data Quality, Data Replication, Database Security, EDI, SOAP, Service Oriented Architecture, Web Service Management, Data Warehousing less
Electronics Analog Communications, Digital Signal Processing, Electronic Design Automation... more, System On A Chip, Electronic Test and Measurement, Embedded Design, Boards & Modules, Embedded Systems and Networking, Electromechanical & Mechanical, Optoelectonics & Displays, Packaging and Interconnects, Passive & Discrete Components, Power Sources & Conditioning Devices, Integrated Circuits and Semiconductors, Sensors & Actuators less		Enterprise Applications Application Integration, Application Performance Management... more, Best Practices, Business Activity Monitoring, Business Analytics, Business Integration, Business Intelligence, Business Management, Business Metrics, Business Process Automation, Business Process Management, Call Center Management, Call Center Software, Change Management, Corporate Governance, Customer Interaction Service, Customer Relationship Management, Customer Satisfaction, Customer Service, EBusiness, Enterprise Resource Planning, Enterprise Software, EProcurement, Extranets, Groupware Workflow, HIPAA Compliance, IP Faxing, IT Spending, Marketing Automation, Performance Testing, Product Lifecycle Management, Project Management, Return On Investment, Risk Management, Sales & Marketing Software, Sales Automation, Server Virtualization, Simulation Software, Supply Chain Management, System Management Software, Total Cost of Ownership, Video Conferencing, Voice Recognition, Voice Over IP, Workforce Management, Incentive Compensation, Spend Management, Manufacturing Execution Systems, International Computing less
Human Resource Technology Human Resources Services, Payroll Software, Time and Attendance Software... more, Workforce Management Software, Financial Management, Employee Monitoring Software, Employee Training Software, Recruiting Software/Services, Employee Performance Management, ELearning, Benefits Management, Expense Management less		IT Career Advancement Cisco Certification, Microsoft Certification, Linux Certification... more, Network Security Certification, Software Development Certification less
IT Management Employee Performance, ITIL, Productivity, Project Management... more, Software Compliance, Sarbanes Oxley Compliance, Service Management, Desktop Management less		Knowledge Management Collaboration, Collaborative Commerce, Contact Management... more, Content Delivery, Content Integration, Content Management System, Corporate Portals, Customer Experience Management, Document Management, Information Management, Intranets, Messaging, Records Management, Search And Retrieval, Search Engines, Secure Content Management, SLA less
Networking Active Directory, Bandwidth Management, Convergence, Distributed Computing... more, Ethernet Networking, Fibre Channel, Gigabit Networking, Governance, Grid Computing, Infrastructure, Internetworking Hardware, Interoperability, IP Networks, IP Telephony, Local Area Networking, Load Balancing, Migration, Monitoring, Network Architecture, Network Management, Network Performance, Network Performance Management, Network Provisioning, Network Security, OLAP, Optical Networking, Quality Of Service, Remote Access, Remote Network Management, Server Hardware, Servers, Small Business Networks, TCP/IP Protocol, Test And Measurement, Traffic Management, Tunneling, Utility Computing, VPN, Wide Area Networks, Green Computing, Cloud Computing, Power and Cooling, Data Center Design and Management, Colocation and Web Hosting less		Platforms AS/400, Domino, Linux, Microsoft Exchange, Oracle, PeopleSoft... more, SAP, Siebel, Solaris, Tivoli, Unix, Web Sphere, Windows, Windows Server less
Security Access Control, Anti Spam, Anti Spyware, Anti Virus, Application Security... more, Auditing, Authentication, Biometrics, Business Continuity, Compliance, DDoS, Disaster Recovery, Email Security, Encryption, Firewalls, Hacker Detection, High Availability, Identity Management, Internet Security, Intrusion Detection, Intrusion Prevention, IPSec, Network Security Appliance, Password Management, Patch Management, Phishing, PKI, Policy Based Management, Security Management, Security Policies, Single Sign On, SSL, Secure Instant Messaging, Web Service Security, PCI Compliance, Vulnerability Management less		Software Development .NET, C++, Database Development, Java, Middleware, Open Source... more, Software Outsourcing, Quality Assurance, Scripting, SOAP, Software Testing, Visual Basic, Web Development, Web Services, Web Service Security, XML less
Storage Backup And Recovery, Blade Servers, Clustering, IP Storage... more, ISCSI, Network Attached Storage, RAID, Storage Area Networks, Storage Management, Storage Virtualization, Email Archiving, Data Deduplication less		Wireless 802.11, Bluetooth, CDMA, GPS, Mobile Computing, Mobile Data Systems... more, Mobile Workers, PDA, RFID, Smart Phones, WiFi, Wireless Application Software, Wireless Communications, Wireless Hardware, Wireless Infrastructure, Wireless Messaging, Wireless Phones, Wireless Security, Wireless Service Providers, WLAN less