Tools, not standards, that help tie down wireless nets - Network World

Skip Links

DNSstuff.com
Get information about your IP
IP Information
50+ On-demand DNS and network tools

Wireless & Mobile

Videos

rssRss Feed
Get instant email notification when white papers, webcasts, executive guides are added to our library.  Stay informed and up-to-date with the latest on IT Technologies with Network World's Resource Alerts.

Additional Resources

RSS

FEATURED WHITEPAPERS

Fill the Gaps in Your Disaster Recovery Plan with Single Object Recovery for Active Directory NetPro

Most companies have a solid disaster recovery plan in place to handle a "complete failure" of its Active Directory, which is really quite rare. What most recovery plans are missing, and the most common scenario, is a means to efficiently restore single directory objects. In this paper, we'll explore what most disaster recovery plans already address, highlight potential weak points, and suggest solutions that help fill those gaps-without requiring you to completely re-do your existing plan.

RSS

FEATURED REPORTS

Executive Guide: Storage Heats Up HP

Get the latest on storage technologies that allow IT professionals to better cope with new IT demands. Learn how storage technologies can help you successfully tackle e-Discover, regulatory compliance, green data center initiatives and the data explosion. Get all the details now.

Tools, not standards, that help tie down wireless nets

By Joel Snyder and Rodney Thayer , Network World , 10/04/2004
  • Social Web 
  • Email 
  • Feedback 
  • Close
Clear Choice Special Report

Security standards aside, wireless gear vendors are peppering their products with other features that can help secure WLANs, including access controls, VPN technologies and tools to locate and lock out rogue users.

One of the most common security features of the access points tested was MAC-based access controls. 3Com, Actiontec, AirespaceAruba, Buffalo, CiscoHP, Netgear, Proxim, SMC and Trapeze all support this feature. To use these controls, you need to know the Ethernet address of every wireless card that will connect to your network. It might seem tedious, but it helps defend against casual attackers.


Cracking the wireless security code
Security picks
What we tested
WEP: Stick a fork in it
802.1X: A stepping stone
WPA - An accident waiting to happen
802.11i: The next big thing
Security standards aside, lock down your boxes, boys!
Wireless Access Point: Wire-side security testing (PDF)
How to do it: Securing your wireless LAN
Glossary of wireless security terms
Explaining TKIP
How we did it

Archive of Network World reviews
Subscribe to the Product Review newsletter


MAC-based access controls come in two flavors. Access points designed for home use force you to keep a static list of MAC addresses on the access point. This technique has become popular enough that access point and wireless switch vendors have scaled this technique so that multiple access points can look up the static MAC address in a RADIUS server to see if it's allowed on the network.

Access control of the second sort comes in built-in firewalls shipped as part of an access point. Some access points, such as 3Com's WL-450, do a very simple type of packet filtering, primarily designed to keep garbage such as IPX routing broadcasts off your WLAN. Others have a more sophisticated set of packet filters for access controls. For example, the Airespace switch and the Buffalo, Cisco, HP and Proxim access points all let you control access up to the IP level. For serious firewalling, Aruba packs a full, stateful firewall into its wireless switch equipment.

1 | 2 | 3 |  Next >
Comment
Login
Forgot your account info?
Add comment
Anonymous comments subject to moderator approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.
First Name
Last Name
E-mail
Zip Code
IT Buyer's Guides

View All Buyer's Guides