We test 23 wireless products from 17 vendors to see if it is possible to deploy a secure wireless LAN with technology available today.
Is it possible to deploy a secure wireless LAN with technology available today? That question preys on the minds of IT executives who are tempted to deploy enterprise WLANs, but are hesitant because of security concerns.
So we assembled 23 wireless products from 17 vendors and ran them through a battery of tests aimed at getting the answer.
Wired Equivalent Privacy (WEP) is very weak in many products, and we don't recommend using it other than in very specialized cases. WEP's successor, Wi-Fi Protected Access (WPA) has flaws but provides solid security when combined with 802.1X authentication and deployed carefully. Ultimately, 802.11i, the standard that replaces WEP and WPA, will provide all the tools needed to protect WLANs.
Also see: Wireless router basics
To their credit, vendors are aggressively shipping products at all prices that support enterprise-class security features. Two-thirds of the products tested support 802.1X, and vendors are moving rapidly to comply with 802.11i standards.
In this case, we focused entirely on security, and based on our testing, we drew some conclusions about which products would be the most secure additions to your network.
The details on 23 products that we put under a security microscope with our battery of tests.
Tests show some vendors are lax about plugging WEP holes.
As an authentication standard for wired networks, 802.1X has a happy side effect when used with WLANs: It gives you per-user, per-session WEP keys.
WPA can be a better option. Unfortunately, the easiest way to use it actually makes it easier to crack than WEP.
The IEEE standard called Robust Security Networking is a force to be reckoned with.
To build a secure wireless network, it's not enough to watch the airwaves. You must lock down the access points, much like the rest of your network infrastructure.
Find out which of the 15 access points and wireless switch vendors leave the back door to your WLAN wide open.
We're left with the question: How do you secure your WLAN?
Security standards aside, wireless gear vendors are peppering their products with other features that can help secure WLANs, including access controls, VPN technologies and tools to locate and lock out rogue users.
A laundry list of terminology used to describe wireless and wireless security.
Temporal Key Integrity Protocol (TKIP), as defined by the IEEE 802.11i specification, addresses the encryption part of the wireless security equation.
How we tested the security of various wireless access points and switches.
Learn more about this topic
Snyder and Thayer are also members of the Network World Lab Alliance, a cooperative of the premier reviewers in the network industry, each bringing to bear years of practical experience on every review. For more Lab Alliance information, including what it takes to become a member, go to www.nwfusion.com/alliance.