Security Analysis: WLAN is safer than wired

Source: Internet
Author: User

This article gives you a detailed description of which of the following aspects is more secure for WLAN and wireless networks. I believe this article will be helpful to you.

Wireless Networks were once considered a game farm for hackers and malicious attacks. However, wireless networks are rapidly becoming a safer means of communication than wired networks.

By Using VPN, WPA (Wi-Fi protection access), 802.1x WPA2, and other encryption and identity recognition technologies, the theory that wireless LAN equals unsafe LAN is outdated.

Bill Terrill, a senior analyst at Burton Group, a market research firm in Midvale, Utah, said that in many cases, your wireless network is safer than your wired network.

According to Terrill, security vulnerabilities in wireless networks are generally not the result of insecure products, but the result of network administrators failing to use appropriate tools to give full play to their advantages. He said the biggest threat to WLAN is network administrators who do not enable security and monitor the network. It is unreasonable for enterprises to have no wireless network security measures.

Lisa Phifer, vice president of Core Competence and SearchNetworking.com website expert, said their biggest threat is that WLAN may be considered a way to intrude into the company's wired network.

Evaluate these threats

Phifer said these concerns indicate that fraudulent Access Point Detection systems are increasingly popular to prevent employees inside the firewall from installing fraudulent access points or preventing employees from accidentally connecting to nearby or under-attack access points. She said that fraudulent access points can bypass existing network defense measures.

Phifer says one organization's primary defense against these activities is wireless activity monitoring and Event Response. At present, there are many wireless intrusion detection and defense systems that can help enterprises find out what is happening in the air, inside and near the enterprise premises.

Phifer said that some products also provide automatic response capabilities, such as using wireless or wired Containment Technology to cut off suspicious, fraudulent access points or using local tools to track that access point.

Hackers are not as worried as they were in the past. Recent improvements to wireless security by protocols such as 802.11i, 802.1x, and WPA2 have eliminated the most worrying threats to data confidentiality, it also provides some simple methods to implement stricter WLAN Access Management and user identification.

Phifer said, however, these improvements mainly improve the security of legitimate wireless activities. These improvements do nothing to prevent fraudulent access points, sites with incorrect configurations, or DoS attacks against the WLAN itself. Attackers can still exploit all these security vulnerabilities, such as DoS or 802.1x logout packet storm, to interrupt the normal operation of WLAN.

Terrill also agrees with this idea. He said that because WLAN is safe, hackers can no longer access it. Hackers cannot access your network, but they can interrupt your network, which is also a potential problem.

One way for hackers to interrupt your network is to send disconnected data packets to users on a company network. These packets force these users to log out at the same time and log on again. This will overload the server and cause network interruption.

Dave Danielson, vice president of marketing at Blusesocket, a wireless network intrusion detection system vendor in burington, Massachusetts, said, this threat is no longer the case where hackers with black ski masks squatted into the company's network in the company's parking lot.

Danielson added that most of the events that intrude into enterprise wireless networks are caused by errors. If unauthorized users do not follow the appropriate process, they are harmful to the enterprise network. People who do not use available tools are the biggest threats.

Monitor radio frequency

Bluesocket released a new centralized radio frequency sensor this week. This equipment protects the network by observing, monitoring the radio frequency, and verifying the security of the radio frequency.

'Centralized sensors can monitor a city area on a four-tier floor, and distributed sensors can cover about 100 meters, 'says Danielson. This sensor detects and reports exceptions.

He said there are still some basic steps to ensure network security. Radio frequency protection is a necessary and important solution. Some people think that layer-by-layer building barrier is a fortress and moat to protect network security. Wireless blur the feeling of the entire fortress.

Trapeze launched a new security feature this week. This is an AirDefense sensor integrated into the Trapeze wireless access point. Bruce Van Nice, vice president of Trapeze for global marketing, said this integrated feature allows 24 hours a day 7 days a week to monitor fault points on the network.

Similarly, Enterasys of Andover in Massachusetts has launched a new wireless security product, including AP4102 unified access point, AP1002 thin access point, and 8400 wireless switch.

Pabhu Kavi, wireless product manager of Enterasys, said yesterday that these new products will ensure the correct type of communication flow and are carried out between authorized parties.

Kavi says these new products can block and restrict wireless network ports that are vulnerable to virus infection, and provide users with security policies that specify what they can access and what they cannot access.

In an appropriately configured network, security is very strict. However, there are still a large number of applications in wireless networks that have not yet taken rigorous security measures. The general feeling is that if you access a network within a company, you are a trustworthy user. We believe that security is not just the latest encryption and identity recognition tools.

Kavi said that Enterasys's product is distinctive in its ability to detect fraudulent access points, isolate these access points, and automatically close the ports connected to these access points to prevent attacks.

Kavi said that wireless networks were vulnerable to attacks before these advances were made.

Key to ensuring WLAN Security

Danielson said that the three key measures to ensure WLAN security are observation, monitoring and protection. You must not only ensure the security of Good Faith users. You also need to ensure that the radio frequency is far from the security of hackers and spies. You must view radio frequencies and monitor them to ensure their security.

Several major vendors, including the Aruba network and Cisco Aironet, provide security kits to verify that most devices are logged on to the wireless network, said Terrill. These toolkit are configured with the latest tools for virus protection, firewall, and scanning other security vulnerabilities. Other products, including radio frequency sensors, also provide protective measures. However, some people need to respond to the abnormal activities detected by the sensor.

He said that wireless security is basically very strong, if you use wireless security tools and use them properly. Such security is completely common sense and the use of existing tools.

However, Phifer says that no network is completely secure, even though all protection measures are adopted. She said that the goal of any security plan is to lower the risk to an acceptable level based on business needs and costs. I strongly believe that most companies can make their wireless applications safer. However, I also think that this requires hard work and planning.
 

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.