Secure and effective configuration of Wireless LAN

In the world of wireless networks, it is often effective that secure wireless LAN Settings are faster than solving various problems in the future. Therefore, pay attention to the security settings of wireless networks, which will be described in detail here.

Users claim that wireless security is their priority, but many enterprises do not have all the security options to install when implementing wireless networks. They often think that wireless is easy to install, but it is difficult to ensure security and management.

On a wireless LAN, each access point can set different security levels according to different user requirements. It is a network that is strictly based on identity authentication and is more difficult to exploit. Wireless Networks want users to prove their identity by providing passwords, digital certificates, or biometric identification, such as thumb fingerprints. The system will compare with the AAA Server and confirm that you are the person you claimed to be authorized to enter.

Many may say, "Oh, but what should I do if I encounter identity theft or device theft? According to recent news, the Russian ElcomSoft company used Nvidia graphics cards to increase the time needed to recover wireless passwords by 100 times. What do we think of this? Are these methods not enough to ensure network security ?"

Encryption technology is only an element to ensure network security. But when ElcomSoft mentions cracking WPA or WPA2, It does mean restoring the password of the WPA-PSK through "brute force" attacks. This is not a new technology. You need to compare the 8-digit password (at least 8 digits are required for PSK), which has 208,827,064,576 changes. In this case, it takes at least 345 days to find a password without any rules. If you set a 9-digit password, you may be looking for 25 years. A WPA-PSK can have up to 64 characters of password. Once you verify the user, how do you verify the network for the user to ensure the authenticity of the network? The wireless system will present its certificate to your device to confirm that the network you are logging on to is real and valid.

Another wireless weapon is the authorization certificate. Resources in the wireless network are locked, so when you roam over the network, whenever you move from a new access point to a new area, it will check and confirm your access permissions.

The access point also records every action and sends the information to the server in real time to minimize security violations. For example, visitors obtain the content they should not access and review and track the compliance of security regulations.

In addition to the security of the device itself, wired networks focus on all physical layer issues-such as the Sudden forgetting of laptops on trains. At this time, most of them rely on the appropriate evidentiary materials provided-in addition to the name, there is no need to say anything else to prove their identity.

It is very dangerous to pin network security on the front-end of your office. People can bypass security defense, but if you use a wireless network, once you do not have a proof that the network will immediately stop you from logging in.

Most solutions have very few or are not able to manage the visitor's connection to the visitor's network-learn how the time, location, and visitor's network are used. Not all devices support 802.11i security. Therefore, access to enterprise network resources must be restricted.

The key is to decide what security settings should be adopted, rather than relying on a box to solve all the problems. It is critical to design and plan an appropriate network with the appropriate security level.

Zhuo Jisi has jointly compiled the 802.11i standard, which provides fast roaming for wireless networks while maintaining security. Enterprise Wireless LAN should not be configured with a pre-shared key (WPA or WPA2 PSK ). We also recommend that you pay attention to your identity, not just a password. We recommend that you use WPA2 Enterprise Edition-which uses 802.1x authentication, AES encryption, and AAA servers to support RADIUS.

With management software, you can learn about what is happening on the network in real time around the clock.

Adhering to industry standards and ensuring that your network displays audit trails, wireless is the most reliable and secure. By correctly configuring the wireless LAN, it is safer than the wired network.