• United States
Senior Editor

Wireless security: Too much of a good thing?

Aug 04, 20032 mins
Network SecuritySecurityWi-Fi

* A list of some routine steps for securing a WLAN

Not long ago, the complaint heard about wireless LAN security was that there wasn’t enough of it. Now it seems there may be too much.

Network executives today face a bewildering number of approaches to solve what’s been a consistent hot-button issue for them. As a result, once users get past some very basic recommendations, best practices in WLAN security hinge on your specific enterprise security needs.

Wireless experts and net managers can quickly run off a basic set of routine steps to help lock up wireless LANs. These typically include:

* Turning on basic Wired Equivalent Privacy encryption for all access points.

* Create a list of MAC addresses that are allowed to access the WLAN.

* Use a dynamic encryption key exchange method as implemented by various security vendors.

* Keep software, and patches, on access points and clients up to date.

* Create access point passwords that can’t be easily guessed.

* Change the Service Set Identifier on the access point, and block the SSID broadcast feature.

* Minimize radio wave leakage outside your building through access point placement and antenna selection.

Some users welcome the possible end of what one called “frankenparts” – cobbling together a security architecture and a set of best practices based on products from several vendors. But others see the multiplicity of choices as a benefit. The numerous choices compel a systematic security approach that uses existing resources while being flexible enough to meet new standards.

For more on this story see: