Resolve five questions about 802.11n Security

802.11n can deploy mobile applications with multiple requirements. It is also a mature milestone. Many customers are willing to deploy wireless networks on a large scale, or even replace Ethernet ). This expansion greatly increases the importance of wireless security and wireless security services to the business. VAR value-added dealers) and system integrators can leverage this market demand by providing more effective and more large-scale WLAN security solutions, including cloud-based services.

802.11n Security availability

As WLAN will compete for limited unauthorized spectrum, radio frequency RF) Interference Reduction is very important to ensure availability and reduce Denial of Service events. Now, we will not discuss the signal strength, but look for a high usage frequency to avoid being fully occupied. The Free "stumblers" Computer Testing Software) allows us to more easily observe the currently occupied Wi-Fi channels, but few customers know how to use the RF spectrum analyzer. This provides many market opportunities, greatly driving the use of mobile spectrum analyzers such as Fluke AnalyzeAir, Metageek Wi-Spy, or Wi-Fi Sleuth.

RF interference is constantly changing. However, most customers who do not want the system to be shut down may prefer to buy an RF spectrum analyzer and then seek training from VAR value-added dealers. However, some new products, such as Aruba, Cisco, Meru, and Motorola, have established an alternative delivery model: Selling wireless APs with spectrum analysis functions. Cloud services can even use these AP devices to make RF reports to supplier operation servers, such as Meru's E (z) RF Spectrum Manager or Cisco's MSE CleanAir Technology.

Wireless Security Service: Control WLAN Access

The new 802.11n device integrates the security features of long-distance Wi-Fi-certified devices such as 802.11a/g devices-wpa2. However, when the 802.11n device configuration is outdated and the options are weak (such as WPA-TKIP or WEP), The 802.11n device cannot reach a high throughput (> 54 Mbps ). In addition, enterprises and organizations are increasingly sensitive to unauthorized wireless network usage as they gradually implement wireless coverage access over the network. Therefore, upgrading 802.11n is generally considered the best way to provide and enhance WLAN Security.

The customer expects WPA2-PSK and WPA2-802.1X to be incorporated into the WLAN infrastructure. However, dealers can achieve customer expectations by providing complementary authentication and network access control products. For example, AP devices and controllers can perform 802.1X authentication, but a 802.1X-capable RADIUS server requires a complete event description. VAR has been selling RADIUS servers for a long time, such as Cisco's ACS or Juniper's SBR, but remote offices and SMB may not require on-site RADIUS servers or staff for support. This blank market may be filled by the cloud-based 802.1X authentication service.

Network Access Control has more favorable opportunities. The NAC product is consistent with 802.1X and RADIUS. The pre-connection scanning mechanism can ensure the compliance of Wi-Fi clients and reject or isolate non-compliant clients. But for different clients, integrating NAC into a large network also has different troubles. WLAN upgrade is an opportunity to deploy NAC in a simple and isolated location, and helps customers experience better wireless access extension experience when experiencing the benefits of NAC.

Wireless intrusion detection and defense

The customer wants to detect rogue APs, such as WPA2, which can be embedded into the WLAN infrastructure. To avoid risks, especially in the retail, medical, insurance, and financial services industries, customers may find that rogue scanning does not effectively detect and block a wide range of threats. This will lead to sales opportunities for integrated or third-party wireless intrusion defense systems (WIPS.

Integrated WIPS are easier to sell. Converting Common AP devices into dedicated sensors can be used to monitor potential threats in wireless communication, including unauthorized AP and attacker DoS, probe, or penetration WLAN. Third-party WIPS, such as AirMagnet and AirTight, use specially crafted sensors to detect and respond to distributed malicious client attacks. Today, most products have made breakthroughs. For example, Motorola AirDefense can be deployed in a dedicated Motorola AP. VAR may want to deploy several WIPS to meet different WLAN suppliers and diversified customer needs.

Traditionally, VAR has sold third-party WIPS server applications and sensors, or integrated WIPS software, installed in WLAN controllers or management applications. The most attractive cloud-based WIPS is the low trial cost before purchase, or it is a permanent solution: divide the WLAN into hundreds of small WLANs for monitoring (for example, retail Industry ).

Investigation and adjustment of 802.11n security threats

Whether or not the WLAN controller reports a wireless security event, an integrated WIPS or a third-party WIPS will be detected during wireless side detection. The WLAN operator needs the forensics tool forensic tools) and specialized technologies to assess the level of impact of the event. WIPS provides real-time Wi-Fi device traces, historical location, and detailed Event Log descriptions. Dedicated WIPS sensors can be installed in packet capture mode to record ongoing attacks.

In some surveys, Mobile Wi-Fi data packet capture and analysis tools are indispensable. Some customers prefer to use free or open-source tools, such as WireShark or Airodump-NG. Other customers prefer to purchase commercial Wi-Fi traffic analysis tools, which can save a lot of time and gain more professional insights in large-scale WLAN. VAR usually sells analysis tools such as AirMagnet Analyzer and WildPackets OmniPeek for WLAN troubleshooting and diagnosis. These tools can also be used by security personnel. Business Opportunities also open the door to selling new and easy-to-use Wi-Fi analyzers, because such a sales method is simpler and more suitable for front-line staff.

Finally, VAR and system integrators may need to consider providing more active wireless security services and products. For example, VAR can sell Wi-Fi Vulnerability Assessment by using the Motorola AirDefense Wireless vulnerability assessment module ). System integrators can also use free tools, such as BackTrack4, to find their own in-depth Wi-Fi testing methods.

Wireless Security Service-endless

Although 802.11n has triggered WLAN upgrade and expansion and hopes to stimulate the wireless security market, the results are not visible in the short term. Security issues cannot be solved permanently at one time for customers. It is a step-by-step process that requires a persistent alert for new threats and vulnerabilities. This is a constant source of revenue for VAR and system integrators.