Securing Your Wireless LAN


Visitors: 150


It has become common practice to deploy wireless networks for convenience applications requiring users to be mobile. Also many “road warriors" have Wi-Fi accounts that let them access the Internet and the corporate network from remote locations. Furthermore, many deploy Wi-Fi at home to avoid the difficulties of wiring the home. But because wireless networks operate by broadcasting a radio signal between nodes, they are especially vulnerable to hackers and abuse.

Wired equivalent privacy (WEP) has been used in the past to secure wireless LANs. However, WEP has significant weaknesses, most notably that it uses encryption keys that are both static and known by stations across the network, and it uses a weak implementation of the encryption algorithm. Thus, it is important that wireless networks be protected by the new generation of security features now available.

Advanced Wireless Security Features

IT personnel have a number of available options to make their wireless networks more secure than they are using WEP:

  • The Wi-Fi Alliance has developed Wi-Fi Protected Access (WPA), which is a standards-based security technology based on the IEEE 802.1X standard. It is free and built into both Windows XP and Macintosh OS/X. Any equipment with the Wi-Fi Alliance sticker is assured to support WPA. WPA2, implementing IEEE 802.11i, has been released, so users of WPA should plan on a migration as equipment using the new standard becomes available.

  • Isolating the wireless network on a private LAN is an option for those who like the security of Virtual Private Networks (VPNs). IPSec (IP Security) is available as an even stronger alternative to WPA and WPA2. IPSec supports the secure exchange of packets at the IP layer and has been deployed widely to implement VPNs. Although a less secure VPN option than IPSec, Point-to-Point Tunneling Protocol (PPTP) can be layered over WEP to provide authentication and a second layer of encryption as an option for those who need support for older laptop systems. Whatever solution is used, you must be sure road warriors always access corporate resources over connections that are protected using strong encryption, either via a VPN or using SSL-enabled web pages.

  • Isolating clients by preventing them from talking to one another on the wireless network is an option which prevents wireless hackers from attacking other users. This is especially useful in public wireless networks, and client isolation is a common feature in the more advanced wireless access points and hotspot kits.

  • Controlling access to the wireless network while also enabling access for guests is often a problem. Many wireless devices support guest access by segregating unauthenticated users in a separate virtual LAN apart from the corporate network. You may also want to impose a simple firewall that supports web authentication.

  • Access to the wireless network can also be restricted to machines whose MAC addresses match addresses on an approved list. The list can be either static or stored on a RADIUS server for look-up.

  • Finally, most of the more sophisticated access points have adjustable signal strengths, varying from only a few milliwatts up to several hundred milliwatts. Varying the signal strength can prevent signal from leaking out of the building to surrounding buildings and parking lots, and can prevent eavesdroppers from picking up the wireless signal while sitting in their vehicles or in a nearby building.


    Products are now being offered which make available commercial implementations of new standards in wireless network security. Complications can arise when trying to integrate new equipment and standards with legacy systems, but in many cases vendors have accommodated such deployment scenarios. With these new products and the standards they implement, your wireless network can be at least as secure as your wire-based network.

    About Jonathan Coupal:

    Jonathan Coupal is the Vice President and Chief Technology Officer of ITX Corp. Mr. Coupal manages both the day-to-day and strategic operations of the Technology Integration Practice Group. Among Mr. Coupal’s greatest strengths are evaluating customers’ unique problems, developing innovative, cost effective solutions and providing a “best practice" implementation methodology. Mr. Coupal’s extensive knowledge and experience enables him to fully analyze client systems to recommend the most effective technologies and solutions that will both optimize their business processes and fulfill immediate and future goals. Mr. Coupal and his team build a high level of trust with clients, establishing ITX as their IT partner of choice. Mr. Coupal holds certifications with Microsoft and CompTia, including MCSE, MCSA, Security+, Linux+ and i-Net+, and served as a Subject Matter Expert (SME) for the development of the CompTia Linux+.

    About ITX Corp:

    ITX Corp is a business consulting and technology solutions firm focused in nine practice areas including Business Performance, Internet Marketing, IT Staffing, IT Solution Strategies and Implementation, Technical Services, Internet Services, and Technology Research. To learn more about what ITX can do for you visit our website at or contact us at (800) 600-7785.

  • (853)

    Article Source:

    Rate this Article:  0.0/5(0 Ratings)

    Related Articles:

    Securing your Wireless Network

    by: Matt Christensen (January 29, 2007) 
    (Computers and Technology)

    Securing your Wireless Network

    by: Jim Rutherford (December 06, 2005) 
    (Internet and Businesses Online/Security)

    3 Important Techniques for Securing a Wireless Network

    by: Gary Hendricks (January 31, 2006) 
    (Computers and Technology/Mobile Computing)

    Securing Wireless Networks - Small Business and Residential Setups

    by: Oladotun Ogunsulire (July 08, 2008) 
    (Computers and Technology/Mobile Computing)

    Debunking Wireless Urban Legends, Part I - Wireless Networks are Intrinsically ..

    by: Lawrence Allhands (April 23, 2008) 
    (Computers and Technology)

    Wireless POS & Wireless Mobile Computing- Hospitality Technology Increases ..

    by: Derek Meade (January 02, 2006) 
    (Computers and Technology/Software)

    Wireless Home Networking: 20 Things Not to Do When Setting up Your Wireless ..

    by: Eric Meyer (April 14, 2006) 
    (Computers and Technology/Personal Tech)

    Reverse Wireless Lookup – Everything You Need To Know To Identify Any Unknown .

    by: Alec McEachern (July 01, 2010) 
    (Communications/Mobile Cell Phone)

    Home Entertainment Has Gone Wireless with Wireless surround sound

    by: Scott Beshenich (August 24, 2011) 
    (Shopping and Product Reviews/Electronics)

    Wireless Video Conferencing - How The Smithsonian Went Wireless

    by: Harold German (April 19, 2006) 
    (Communications/Video Conferencing)