Building Secure Enterprise WLANs

Users want their WLANs. And no wonder, given the convenience and mobility, not to mention the coolness factor. But unless you're in an industry like retail, education or health care, which have gone wireless in a big way, your users may be having a hard time swaying you. Before they resort to building bizarre, elaborate contraptions to hide their access points, consider this: It is possible to build a secure wireless LAN. Not easy, but possible. Do we detect détente?

Wireless security standards are complicated. Some might even call them ugly. In fact, WEP was broken even before it was broken--the underlying inadequacies in first-generation 802.11 security went well beyond the cryptographic deficiencies in WEP's RC4-based algorithm. The simple concept of "authentication" has a different meaning in the 802.11 community than it does in the broader IT market. To implement a basic ID-password scheme on a WLAN, you need yet another protocol--802.1x, which, when combined with the Extensible Authentication Protocol and a range of EAP authentication types, is workable. Confusing enough for you?

Read Full Story