 | ||||
| | |||
| ||||
There are many different types of enterprise wireless local area networks (WLANs). Some grow organically as business demands dictate, others are built from a rigid network design plan, and a few exist despite a strict policy against WLANs. But with any type of network, Wi-Fi poses risks to your network.
SearchSecurity.com's Wireless Security Lunchtime Learning Security School allows information security professionals to develop an in-depth understanding of those risks and their countermeasures in a format that's convenient for you.
Each lesson's featured video runs approximately 25-30 minutes, the perfect length to slip into a lunch break. And each video is supported by a series of short technical tips that help you to apply the principles of the video to your own network infrastructure. All of these resources are available on demand, so you can learn on your own schedule.
WIRELESS SECURITY LUNCHTIME LEARNING: ENTRANCE EXAM
Assess your knowledge of wireless LAN security with this 10-question, multiple-choice entrance exam.
LESSON 1: HOW TO COUNTER WIRELESS THREATS AND VULNERABILITIES
Risky business: Understanding Wi-Fi threats
Two out of three companies have deployed business-class 802.11 wireless LANs, but security continues to be their number one challenge. Without adequate safeguards, wireless can open corporate networks to new attacks, from war driving and password cracking to rogues and evil twins. Don't let Wi-Fi become the weak link in your network's armor! Learn the business risks posed by wireless, essential countermeasures that can reduce those risks, and industry best practices for designing, deploying and monitoring secure wireless LANs.
Also included in Lesson 1 are the following technical tips:
- An introduction to wireless security
- List of wireless network attacks
- A wireless network vulnerability assessment checklist
- Hunting for rogue wireless devices
LESSON 2: HOW TO BUILD A SECURE WIRELESS INFRASTRUCTURE
From the ground up: Building a secure wireless infrastructure
Many WLANs grow organically, morphing from pilot projects into loose-knit production networks. But, like castles built of sand, these WLANs lack the firm foundation required to support a truly secure network. Today's Wi-Fi products implement many different security standards and features: WEP, WPA, WPA2, 802.1X, VPN, VLAN. This webcast explains these alternatives in a clear, concise fashion so that you can choose Wi-Fi products that fit within a network architecture that has been designed with security in mind.
Also included in Lesson 2 are the following technical tips:
- How to compartmentalize WiFi traffic with a VLAN
- The role of VPN in an enterprise wireless network
- Wireless AP placement basics
LESSON 3: HOW TO IMPLEMENT SECURE ACCESS
Who goes there? Securing wireless access
Wireless encryption is essential, but addresses only part of the security problem. Security measures are also needed to permit or deny WLAN access, authenticate stations and users, and determine the destinations and applications that each is authorized to reach. This webcast describes readily-available alternatives, from MAC ACLs and captive portals to Preshared Secret Keys and 802.1X Port Access Control.
Also included in Lesson 3 are the following technical tips:
- Security on a budget: How to control access to a WLAN
- 802.1X Port Access Control: Which version is best for you?
- How to configure VLANs with 802.1X for WLAN authorization
- Defeating Evil Twin attacks
LESSON 4: HOW TO USE WIRELESS IPS
I'll be watching you: Wireless IPS
Wireless intrusion prevention systems have become standard operating procedure in corporate networks, including those without formal Wi-Fi deployment. From enforcing "no wireless" policies to blocking unauthorized sessions, these systems help companies see what's happening in their WLANs and provide tools to take corrective action. This video describes the role of WIPS in WLAN security, the features commonly provided by WIPS, and how WIPS differ from (and complement) their wired network counterparts.
Also included in Lesson 4 are the following technical tips:
- How to prevent wireless DoS attacks
- Rogue AP containment methods
- Wireless intrusion prevention systems: Overlay vs. embedded sensors
- How to monitor WLAN performance with WIPS
WIRELESS SECURITY LUNCHTIME LEARNING: FINAL EXAM
You've finished Wireless Security Lunchtime Learning, now take this 10-question, multiple-choice exam to see how much you've retained.
Lisa Phifer owns Core Competence Inc., a consulting firm specializing in network security and management technology. Lisa has been involved in the design, implementation and evaluation of data communications, internetworking, security and network management products for over 25 years. At Core Competence, she has advised large and small companies regarding security needs, product assessment and the use of emerging technologies and best practices. Before joining Core Competence, Lisa was a Member of Technical Staff at Bell Communications Research where she won a president's award for her work on ATM Network Management.
Lisa teaches about wireless LANs, mobile security and virtual private networking at many industry conferences and on-line webinars. Lisa's WLAN Advisor and Wireless-To-Go columns are published by SearchNetworking.com and SearchMobileComputing.com where she is a site expert on wireless LANs. She also has written extensively about network infrastructure and security technologies for numerous publications including Wi-Fi Planet, ISP-Planet, Business Communications Review, Information Security and SearchSecurity.com.
This was first published in June 2009