Chris Sanders

Would you allow somebody to bring a laptop into your corporate headquarters and plug it directly into an Ethernet port? Then why would you allow someone easy access to your network via its wireless infrastructure? That is exactly what you are doing when you do not invest in the security of your wireless network.

It is so common to talk to a Network Admin and listen to them tout the security of their WEP or WPA enabled wireless network. WEP, WPA, and similar technologies are very easily surpassed by even the most novice of hackers. It is for this reason that I refer to securing a wireless network as “investing” in its security. That is because relying on just the individual wireless access points security is not enough.

If your wireless infrastructure is of any reasonable size then it is a safe bet to say that you should look into spending some extra money in securing it. How do you do this? There are a variety of different ways you can go about implenting server based wireless security. The most common (and secure) is RADIUS based security with the enchancements of certificate based authentication. This ensures thats only the wireless clients listed in a RADIUS database on a physical server and holding a certificate pushed out by group policy will be able to authenticate to the network. If someone wishes to compromise the security of your wireless network then they must also compromise the RADIUS and certificate servers. There are several other ways to secure your wireless network beyond WEP/WPA, and I highly reccomend looking into them.

Remember, you can never destroy all of the paths a hacker can take to compromising a device or service. You can however put plenty of hurdles in the way of those paths ot make the process a lot harder.

Be Sociable, Share!

•