WLAN Security Tips
Wireless LANs offer huge advantages over wired networks in terms of flexibility and mobility. With those advantages comes increased exposure to competitors 'reading your mail' or, worse, 'hacking' into your wired network through the RF. Hackers have become very clever at finding the SSID, and in many cases have open access to the wired network through the wireless access point.
Here are some of the basic steps you can take to increase security.
1) Enable all the security options in your access point. As obvious as this may seem, many users don't bother to turn on even the most basic security features, or accept the default SSIDs etc. that the hardware installer used. Change your settings, change your passwords and make them secure. Generally the 'high end' APs from Cisco and others offer the best range of security features.
2) Ensure there are no 'unauthorized' access points on the network. Employees who find the flexibility of wireless an aid to their work often bring in cheap APs and set up small 'ad-hoc' networks without IT authorization. Set a clear policy on this.
3) Learn about security. Visit web sites such as this one that keep you up to date on the latest trends in wireless security. As mentioned above, the latest high end APs have a number of security enhancements like Extensible Authentication Protocol (EAP) and Temporal Key Integrity Protocol (TKIP). These give extra levels of security above the original Wired Equivalent Privacy (WEP) protocol.
4) Plan for 'just enough' coverage. Your greatest vulnerability is where signal spills across public places: roads, parks etc. If you don't need coverage in loading bays etc., don't add it 'just in case'. Don't use 'high gain' antennas if they are not required. Think about AP placement in offices facing roads. Use flat panel antennas to direct signal inwards. These antennas have an excellent 'front to back ratio', so that very little signal is radiated behind the panel towards the road. Think about security from the first step, the site survey.
5) Remember, security impacts throughput. Good security always comes at a price. The more 'layers' of security you add, the more network traffic is required.
6) Buy network monitoring software. The big seller at the 2004 Boston 802.11 conference was the number of real-time monitoring displays for Wi-Fi traffic. These products address the problem of intruder detection and traffic reporting.
7) Consider an RF firewall. Given the ease with which MAC (Media Access Control) addresses can be 'spoofed' by many wireless LAN cards, MAC identification is not enough. DHCP allocation of IP addresses makes the hacker's task even easier. Firewall authorization will require the user to log on again, making the hacker's job even harder.
8) Remember our name and contact number. We can help from the initial site survey to all the products and software mentioned above, or help in an emergency - just email or call our contact numbers.
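As an added example (not part of the original page), the checks behind tips 1, 2 and 3 can be run over the output of a wireless site scan: compare every AP seen against an inventory of authorized BSSIDs, and flag default SSIDs and weak encryption. The inventory, scan rows, signal threshold and function name are constructed for illustration, and the default-SSID list is a small sample rather than a complete one.

```python
# Added example: audit a wireless scan against an authorized-AP inventory.
# All names and data below are constructed for illustration.

AUTHORIZED = {  # BSSID -> expected SSID (hypothetical inventory)
    "00:11:22:aa:bb:01": "corp-wlan",
    "00:11:22:aa:bb:02": "corp-wlan",
}
DEFAULT_SSIDS = {"linksys", "default", "netgear", "dlink"}  # sample, not exhaustive
WEAK_ENCRYPTION = {"open", "wep"}  # WEP is the baseline tip 3 says to improve on

# Constructed scan results: (bssid, ssid, encryption, signal_dbm)
SCAN = [
    ("00:11:22:AA:BB:01", "corp-wlan", "tkip", -48),
    ("00:11:22:aa:bb:02", "corp-wlan", "wep", -55),
    ("de:ad:be:ef:00:10", "linksys", "open", -40),
    ("de:ad:be:ef:00:11", "corp-wlan", "tkip", -62),
    ("de:ad:be:ef:00:12", "cafe-next-door", "tkip", -88),
]

def audit(scan, authorized, min_signal_dbm=-75):
    """Return {bssid: [findings]} for APs that need follow-up."""
    report = {}
    for bssid, ssid, enc, dbm in scan:
        bssid = bssid.lower()
        findings = []
        known = bssid in authorized
        if not known:
            if ssid in set(authorized.values()):
                findings.append("unknown BSSID advertising an authorized SSID")
            elif dbm >= min_signal_dbm:
                # A strong signal suggests the AP is on site, not a neighbour's.
                findings.append("unauthorized AP in range")
        elif authorized[bssid] != ssid:
            findings.append("authorized AP with unexpected SSID")
        if known or findings:
            # Configuration checks apply to our own APs and to suspected rogues.
            if ssid.lower() in DEFAULT_SSIDS:
                findings.append("default SSID")
            if enc.lower() in WEAK_ENCRYPTION:
                findings.append(f"weak encryption: {enc.lower()}")
        if findings:
            report[bssid] = findings
    return report

if __name__ == "__main__":
    for bssid, findings in audit(SCAN, AUTHORIZED).items():
        print(bssid, "->", "; ".join(findings))
```

A BSSID that matches the inventory is not proof of identity, since MAC addresses can be spoofed (tip 7), so a clean report is a starting point rather than a guarantee.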
© Phillip Harden