I read a survey that purports most organizations fail to provide proper guest network security. What are some of...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
the best methods to provide adequate Wi-Fi security for guest users?
These are interesting survey findings indeed. However, I'm never too surprised seeing such studies when they're sponsored by product vendors. I perform many internal network security assessments each year and see fairly robust guest wireless configurations handled by systems from Meraki (Cisco), Aruba Networks and the like. Many businesses I've seen ensure guest network security by physically segmenting them away from the internal LAN and often routing them through a dedicated Internet connection.
The main problem I see with this approach is that the same security controls present inside the corporate network (i.e., Web filtering, enterprise firewall, monitoring/alerting) are often not protecting the wireless environment in the same ways. So, whose responsibility is it to ensure the wireless network is safe? It depends on your approach to risk. Are you evaluating risk in terms of your users or in terms of your own internal network? Most IT shops are concerned about the latter.
Outside of using an enterprise-grade wireless intrusion prevention system, keeping it patched and tested, and tying that environment into your proactive monitoring or security information and event monitoring system, I'm not convinced there's a simple way to protect everyone from each other, especially since you don't have control over the endpoints.
The issue is, once you start locking down guest wireless, you'll get complaints and can experience various problems that can tie up help desk and related IT resources. In the end, your business needs to decide whether it makes sense to spend time, money and effort attempting to secure something that may not be truly securable.
Ask the Expert:
Have a question about network security? Send it via email today. (All questions are anonymous.)
Learn more about securing the wireless guest network
Dig Deeper on Wireless network security
Related Q&A from Kevin Beaver
The WannaCry TCP port 445 exploit returned the spotlight to Microsoft's long-abused networking port. Network security expert Kevin Beaver explains ...continue reading
Enterprise network security expert Kevin Beaver compares and contrasts the roles of an inbound firewall and an outbound firewall. Find out what the ...continue reading
Knowing how to test for security flaws is vital, but it's a complicated and changing field. Expert Kevin Beaver offers security testing basics.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.