Enterprise Wireless Network Stability and Security

There are a lot of Wireless Configuration technologies in enterprises, so some network administrators are not very clear about the specific methods to improve network security. Here we will explain in detail.

The current enterprise network not only has a fixed line LAN, but also has a wireless LAN. In fact, both wired and wireless networks face security issues. A hacker once said: as long as it is a default network setting that has not been modified, it is a fake wall. If you want to come, you can leave ......

Why is enterprise wireless network insecure?

Because wireless network access does not require network cable connection, a hacker can add network signals and connect them to the enterprise intranet by taking a hacker network device, and then infiltrate the entire network through various techniques, this allows you to control the internal LAN of the entire enterprise. The following describes the vulnerabilities in the enterprise's wireless network.

Wireless Networks are exposed. Compared with wired networks, wireless networks rely only on radio waves for transmission and reception. As long as malicious users have certain knowledge about wireless networks, the security of enterprise wireless networks is quite a problem. Intruders can destroy and intrude through highly sensitive receiving devices.

The default Wireless LAN has no security at all. Almost all APs enable WEP Encryption Based on the default configuration or use the default key provided by the original manufacturer. Due to the formation of open access to the wireless LAN, hackers can use their default password to access the wireless network.

3. Once connected to the enterprise's wireless LAN, hackers can obtain the MAC address of the website in a simple way, and then use these MAC camouflage addresses for further spoofing attacks. Of course, hackers can also capture session frames to discover authentication defects in the AP, so as to locate the attack.

Due to the security of the wireless LAN, many enterprises only deploy the network in the resting entertainment center. Instead of using it in the core exchange zone of the enterprise. In fact, as long as the security policy is well implemented, enterprise wireless LAN can also be fixed.

Enterprise Wireless LAN security settings

Large enterprise networks have always been the focus of hackers. To ensure the normal operation of their wireless networks, lao Zhang, a network administrator of a large enterprise, made the following steps to adjust the wireless network and set policies.

Change the password of the AP Default User name: Because the default address, user name, and password of many wireless routers are admin, if you do not change the user name and password, hackers or malicious users can easily connect to the enterprise's wireless network. Therefore, Lao Zhang re-modified the password's difficulty and number of digits.

Disable SSID broadcast in AP: because all current wireless network settings adopt open WEP encryption, the ssid id can be searched at any time. At this time, Lao Zhang thought of disabling the SSID broadcast. (Note: if an enterprise needs to enable the SSID, try to obtain a new name, which prevents hackers from cracking it easily .) WEP itself only provides a 40-bit, 64-bit, and 128-bit key mechanism.

Binding MAC addresses in the Network: to prevent computers from accessing the Intranet and the Internet without being attacked by the popular ARP virus, Lao Zhang binds all computers in the enterprise wireless network to MAC. The procedure is as follows: Click Run in the Start Menu-Enter cmd in the run window, click OK, enter ipconfig/all in the open command window, and press Enter, obtain the MAC Address of the current computer (Physical Address is the MAC Address ). Then, on the AP Management page, Lao Zhang fills in the MAC address list that allows access to the AP. the MAC address that is not in the list is not accepted by the AP.

Pay attention to the problem: the above is Lao Zhang's security settings for enterprise wireless networks. However, to face complex wireless network threats, enterprises also need to perform more security management for their own enterprise network environments, such: the LAN sets up AP authentication, SSID and WEP Key and management.