Securing Wireless Networks
Wireless must be driving some of you to distraction! I find it so liberating but also troublesome too.
Here are essential good practices and guidelines for IT Managers that I have found useful. They come from an interview I did with top wireless security expert, Sumit Deshpande, VP of the Wireless Solutions Group for Computer Associates.
Look at this sampling of questions I pose to Sumit. He provides some good practical answers in the full interview:
Can you share with us three case studies about the key success factors and best practices for enterprises contemplating a wireless implementation?
What are the ten most critical security areas concerning wireless networks including little known ones? How can they be resolved? What about 802.11i, the Wi-Fi standard that provides enhanced security, superior encryption, and uses Extensible Authentication Protocol (EAP), and measures such as using VPN and 802.1x authentications processes? Share with us recent statistics in this area. [Ed. Note from best to worst: AES = Advanced Encryption Standard; WPA = Wi-Fi Protected Access; WEP = Wired Equivalent Privacy]
Encryption systems used in wireless connections such as WPA (Wi-Fi Protected Access) and WEP (Wired Equivalent Privacy) have challenges. What are the current issues and where do you see this evolving beyond 802.11i?
Controlled authorization, time and location boundaries/restrictions are administration challenges with wireless networks. Can you detail these and other issues around secure access?
Using more than four channels presents problems with interference and channel management -- as does the misconception that the same SSID [Service Set Identifier] requires the same channel for access points. What are your recommendations and how will this evolve in the future? And what about load balancing?
Describe the state of the major wireless standards today and into the future. Which ones must be adopted by enterprises for competitive advantage? And what about the future such as with 802.11n and 802.16?