Lin Tao: Is wireless more secure than wired?

The security of wireless networks is indeed imperative, but as long as the relevant configuration work is done, wireless networks can still secure enterprises, and it is more secure than wired networks.

Users claim that wireless security is their priority, but many enterprises do not have all the security options to install during the implementation of wireless networks, which often makes it easy to install wireless devices, but it is difficult to ensure security and management.

First reveal your identity

In a wireless network, each access point can set the corresponding security level according to different user requirements. This is a strict identity-based network that is more difficult to use illegally. Wireless Networks want users to prove their identity by providing passwords, digital certificates, or biometric identification, such as thumb fingerprints. The system will compare with the AAA authentication/authorization/billing server, and confirm that you are the person you claimed before you can access the server.

Many may say: Oh, but what should I do if I encounter identity theft or device theft? Didn't recent news mention that Russian ElcomSoft uses Nvidia graphics cards to increase the time spent restoring wireless passwords by 100 times? Are these methods not enough to ensure network security?

Of course, encryption technology is only an element to ensure network security. When ElcomSoft mentions cracking WPA or WPA2, It does mean restoring the password of the WPA-PSK through a "brute force" attack, which is not a new technology. However, you need to compare the eight-digit PSK password with at least eight digits. It has 208,827,064,576 changes. In this case, it takes at least 345 days to find a password without any rules. If you set a 9-digit password, you'll probably look for 25 years, and the WPA-PSK can set up to 64 characters of password.

Once you verify the user, how do you verify the network for the user to ensure the authenticity of the network? The wireless system will present its certificate to your device to confirm that the network you are logging on to is real and valid.

Authorization and Configuration

Another wireless weapon is the authorization certificate. Resources in the wireless network are locked, so when you roam over the network, whenever you move from a new access point to a new area, it will check and confirm your access permissions.

The access point also records every action and sends the information to the server in real time to minimize security violations. For example, whether a visitor obtains the content that they should not access and reviews and tracks the compliance of security regulations.

In addition to the security of devices, wired networks focus on all physical layer issues. For example, when a laptop is lost, most of them rely on the provided proof material to name it and do not need to prove its identity. This kind of behavior that places network security on the office front-end is very dangerous, and people can bypass security defense. If you use a wireless network, the network will immediately stop you from logging in once you have no proof.

Most solutions have very few or are unable to manage the visitor's connection to the visitor's network, such as understanding the time, location, and how the visitor's network is used), and not all devices support the 802.11i security protocol, therefore, access to enterprise network resources must be restricted.

The key is to decide what security settings should be adopted, rather than relying on a box to solve all the problems. It is critical to design and plan an appropriate network with the appropriate security level. Adhering to industry standards and ensuring that your network displays audit trails, wireless is the most reliable and secure. By correctly configuring the wireless LAN, it is safer than the wired network.

TIPS: some security suggestions

User identity should be followed, not just a password

Enterprise Wireless LAN should not be configured to use the pre-shared key WPA or WPA2 PSK)

Try to use WPA2 encrypted enterprise wireless network. This version of the product uses 802.1x authentication, AES encryption, and AAA Server to support RADIUS

With management software, you will be able to understand what is happening on the network in real time around the clock

1. Is your WLAN secure? Protect data in the WLAN
2. WLAN Security Technology Overview