Subscribe by Email

Thursday, November 28, 2013

Security - What are some of the different ranges of wireless security measures?

When you get to be serious about wireless security, there are several mechanisms / measures that you can take, here are some details of the problem and solutions:
First – generation wireless networking has made it hard to decide whether or not you should deploy a wireless local area network (WLAN) even though there are many shortcomings such as rampant threats, vulnerabilities of the protocol and so on. Sometimes you might feel like banning the WLAN neglecting its advantages in business due to a fear of rogue AP (access points) cropping up. In either of the cases it’s a no- win situation. However, over a period of time, wireless protocols have been revised with some improvements that have made them more secure. Given the various threats (some of which can be innovative), wireless security has to be taken seriously like other types of network threats.
A WLAN security suite should be installed for providing security. The Wireless security can be more enhanced if we have a proper knowledge about how to correctly integrate wireless devices with wired networks, upgrading the existing security tools and after a due selection of the appropriate security technologies. We should be sure that security solutions for virtual private networks are based on the present generation of the encryption and authentication protocols. Because threats can come in new and improved methods, on a continuous basis, you need to keep monitoring the health of your network for keeping it secure. Attackers are always waiting for seeing an unprotected WLAN and then invading and turning it.
It is quite easy to record wireless traffic and eventually break in, getting such valuable info such as proprietary information, login details, server addresses and so on (nowadays, stealing credit card details seems to have become a business for the attackers). In addition to stealing information, the attackers can also take control of networks and use them for transmitting spams, steal bandwidth, or use this network as a Launchpad for attacking other networks. The traffic can be recorded and modified, and the consequences can be legal or financial.
A business can be disrupted even by an attacker with low technology skills with packaged scripts that make it easy to attack networks and hunt for weak points (for example, a known security hole has not be fixed and the script uses that hole to get inside and eventually gain access). The attacker can flood your internet uplinks, wired networks and access points with wireless packets. You should known from what you are defending your systems and why protecting different possible points of entry. If you don’t know this, then you don't really have a chance, at sometime or the other, you will have your network without protection, and all the security measures are in vain.
The identification of assets and the impact of the loss is critical for security analysis. If you are using connection methods such as DSL, dial up or wireless, the access requirements should be defined by your security policy. If your system follows a remote access policy for the telecommuters, it should be expanded to incorporate wireless. If there is no such policy, one should be created. The scenarios unique to the wireless network must be included. The rules of wireless network are different for the employees and office visitors. The public areas have jacks that are typically associated with some known addresses and are sometimes disabled. But the PDAs and the laptops can be easily connected to the wireless stations and access points in the nearby location. This serves as both opportunity and a threat.
For guests the peer-to-peer networking should be prohibited and sessions should be permitted through certain access points with limited bandwidth and duration. After the identification of the assets, enumeration of the risks should be done. The last step is the quantifying of the risks. In security it is always important to weigh the risk against the cost. Once you have got this right, the other WLAN alternatives can be considered. Before setting up the access points, you should take a survey of the WLAN using a discovery tool. Some set up wizards have made it possible for the employees to deploy rogue access points through which the corporate’s info and assets can be exposed to the outside world. It can also introduce disturbance in to the WLAN. These rogue apps must be eliminated. With such surveys, you can also find workstations that are not authorized to access the internet. 

No comments:

Facebook activity