3 Steps for Bullet-Proof Wireless LAN Security & Management

White Paper Three Steps for Bullet-proof Wireless LAN Security & Management
The only way for organizations to fortify their wireless networks is to use a layered approach to security mirroring the security of wired networks. This white paper will cover a systematic approach to secure all network components. This layered approach includes: locking down the wireless LAN's perimeter, securing communication across the wireless LAN and continuously monitoring network traffic.
While a wireless LAN can be installed by simply security practices of wired networks. This layered plugging an access point into an Ethernet port, an approach to security addresses all network enterprise wireless LAN deployment requires a more components: thought-out plan that incorporates advanced security 1. Secure Wireless LAN Devices and management technologies. 2. Secure Communications



 


















 3. Monitor for Security & Compliance Over the last year, analysts and media have documented and publicized vulnerabilities of wireless In fact, Gartner outlined the three "must have" LANs, such as encryption that can be broken and requirements for enterprise wireless LANs: rogue access points that allow intruders to connect to your network. * Install a centrally managed firewall on all laptops that are issued wireless network interface cards or are bought These reports focus on breaking encryption, the risk with built-in wireless capabilities. This protects against ad hoc WLAN connections and Internet attacks when of unauthorized access points connected to the wired users connect to public "hot spot" Internet providers. network, and the failure of enterprises to incorporate security into their wireless LANs. The attention on * Perform wireless intrusion detection to discover rogue the pitfalls of wireless LANs has inspired some access points, foreign devices connecting to corporate enterprises to ban wireless LANs altogether, but any access points and accidental associations to nearby organization that utilizes laptop computers faces the access points in use by other companies risk of these easily becoming wireless stations that * Turn on some form of encryption and authentication for introduce security risks. supported WLAN use. However, security-conscious enterprises are fortifying their wireless LANs with a layered - Gartner approach to security that resembles the accepted
Layered Approach to Security 1. Secure Wireless LAN Devices All access points should be completely locked down Like installing a door on a building to keep passersby and reconfigured from their default settings. The from wandering in, enterprises must control the SSIDs and passwords of the access points should be perimeter of their enterprise networks. For the changed from their default names. Some traditional wired LAN, this was accomplished by organizations choose to establish set channels of installing firewalls to control the entry point to the operation for each AP to identify all off-channel network. However, wireless LANs present greater traffic as suspicious activity. challenges from the hard-to-control nature of radio transmissions. To secure mobile users at hotspots etc, organizations can deploy the AirDefense Personal product. An With data and network connections broadcasting industry first, AirDefense Personal protects mobile across the air and through windows, walls, floors, and users of hotspots and other public Wi-Fi networks ceilings, the perimeter of a wireless LAN can be as from wireless-specific risks that could expose private difficult to control as it to define. However, data and transactions. AirDefense Personal is a enterprises can control the perimeter of a wireless software agent that runs on Windows PCs and LAN by securing their WLAN devices that act as the monitors for malicious or accidental wireless activity endpoints of the network. and wireless misconfigurations that may cause "The use of wireless LANs and mobile security exposures or policy violations. The workforce is on the rise; so is sophistication of AirDefense Personal agent offers protection from a wireless threats and attacks. Mobile users broad and growing set of new risks that directl... [download for more]