How to Make Wireless Networks Secure
by Michele Lewington - Managing Director of Network Utilities (Systems) Ltd - Wednesday, 26 March 2003
In addition to the security problems this method introduced, it also didn't scale well. The MAC address for each user must be stored on each AP on the wireless LAN, creating a cumbersome management scenario and increasing the possibility of security breaches due to administrative oversight.

Data privacy was provided by a sub-protocol called Wired Equivalent Privacy (WEP), intended to provide the same level of security found in a wired LAN. As it turned out, first-generation implementations of WEP did not provide this level of security. In fact, numerous published reports, the latest prepared by AT&T, demonstrated convincingly that WEP was easily cracked, seriously breaching the privacy of any wireless data transmission.

The 802.1X Solution

802.1X is a next-generation draft of IEEE WLAN specifications and protocols written to address the security and management pitfalls of 802.11b. The 802.1X protocol provides sub-protocols and methods for better protecting authentication and data transmission, including:

An authentication process - such as a RADIUS server or access point-based authentication - to manage WLAN user authentication, connection attributes, and other matters related to setting up and securing the WLAN connection. While the 802.1X protocol does not recommend one authentication process over another, the market has overwhelmingly adopted RADIUS as the preferred authentication process on WLANs for several compelling reasons:
  • With RADIUS, authentication is user-based rather than device-based, so, for example, a stolen laptop does not necessarily imply a serious security breach.
  • RADIUS eliminates the need to store and manage authentication data on every AP on the WLAN, making security considerably easier to manage and scale.
  • RADIUS has already been widely deployed for other types of authentication on the network
Extensible Authentication Protocol (EAP), and EAPoL (EAP over LAN) - EAPoL is the transport protocol used to negotiate the WLAN user's secure connection to the network. Security is handled by vendor-developed "EAP authentication types", which may protect credentials, data privacy, or both.
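
To see which EAP authentication type a WLAN actually negotiates, an administrator can decode the EAPoL frames exchanged at connection time. The parser below is an added example, not part of the original article; header layouts and type numbers follow IEEE 802.1X and RFC 3748, while the function names, the sample frames and the identity "alice@example.org" are constructed for illustration.

```python
import struct

# Field values from IEEE 802.1X (EAPOL) and RFC 3748 / IANA (EAP).
EAPOL_TYPES = {0: "EAP-Packet", 1: "EAPOL-Start", 2: "EAPOL-Logoff", 3: "EAPOL-Key"}
EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}
EAP_METHODS = {1: "Identity", 2: "Notification", 3: "Nak", 4: "MD5-Challenge",
               13: "EAP-TLS", 17: "LEAP", 21: "EAP-TTLS", 25: "PEAP"}
TLS_BASED = {13, 21, 25}  # methods that run the exchange over TLS

def parse_eapol(frame: bytes) -> dict:
    """Decode an EAPOL frame body (the bytes following EtherType 0x888E)."""
    if len(frame) < 4:
        raise ValueError("truncated EAPOL header")
    version, ptype, body_len = struct.unpack("!BBH", frame[:4])
    body = frame[4:4 + body_len]
    if len(body) != body_len:
        raise ValueError("EAPOL body shorter than declared length")
    out = {"version": version, "packet": EAPOL_TYPES.get(ptype, f"unknown({ptype})")}
    if ptype != 0:                      # only EAP-Packet carries an EAP message
        return out
    if body_len < 4:
        raise ValueError("truncated EAP header")
    code, ident, eap_len = struct.unpack("!BBH", body[:4])
    if eap_len < 4 or eap_len > body_len:
        raise ValueError("bad EAP length")
    out.update(code=EAP_CODES.get(code, f"unknown({code})"), id=ident)
    if code in (1, 2) and eap_len >= 5:  # Success/Failure have no method byte
        method = body[4]
        out["method"] = EAP_METHODS.get(method, f"unknown({method})")
        out["tls_based"] = method in TLS_BASED
        if code == 2 and method == 1:    # Identity response is sent unencrypted
            out["identity"] = body[5:eap_len].decode("utf-8", "replace")
    return out

def build(code: int, ident: int, method: int, data: bytes = b"") -> bytes:
    """Helper for this example only: wrap an EAP message in an EAPOL v1 header."""
    eap = struct.pack("!BBHB", code, ident, 5 + len(data), method) + data
    return struct.pack("!BBH", 1, 0, len(eap)) + eap

# Constructed sample frames, in the order a supplicant and AP would exchange them.
SAMPLES = [
    struct.pack("!BBH", 1, 1, 0),            # EAPOL-Start
    build(1, 1, 1),                          # Request / Identity
    build(2, 1, 1, b"alice@example.org"),    # Response / Identity
    build(1, 2, 25, b"\x20"),                # Request / PEAP (start flag)
]

if __name__ == "__main__":
    for f in SAMPLES:
        print(parse_eapol(f))
```

The identity response is readable on the air regardless of which EAP type follows, so the method reported in the next request is what tells you whether credentials will be protected.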

