How to build a secure wireless infrastructure

Wireless Lunchtime Learning Security School

How to build a secure wireless infrastructure

Many WLANs grow organically, morphing from pilot projects into loose-knit production networks. But, like castles built of sand, these WLANs lack the firm foundation required to support a truly secure network. Today's Wi-Fi products implement many different security standards and features: WEP, WPA, WPA2, 802.1X, VPN, VLAN. The webcast in Lesson 2 of SearchSecurity.com's Wireless Lunchtime Learning Security School explains these alternatives to help enterprises choose Wi-Fi products that fit within a network architecture that has been designed with security in mind.

Also included in Lesson 2 are the following technical tips:
  • How to compartmentalize WiFi traffic with a VLAN
  • The role of VPN in an enterprise wireless network
  • Wireless AP placement basics

In this part:

Webcast: From the ground up: Creating a secure wireless infrastructure

Many WLANs grow organically, morphing from pilot projects into loose-knit production networks. But, like castles built of sand, these WLANs lack the firm foundation required to support a truly secure network. Today's Wi-Fi products implement many different security standards and features: WEP, WPA, WPA2, 802.1X, VPN, VLAN. This webcast explains these alternatives in a clear, concise fashion so that you can choose Wi-Fi products that fit within a network architecture that has been designed with security in mind. (Length: 20 minutes)

Tip: Getting from here to there: WPA2 migration

WEP has been cracked, WPA is a bandage, and your CSO recommends upgrading to WPA2. Great, but that's just not going to happen overnight. How do you migrate your installed base of legacy equipment? This tip recommends a workable strategy for migration, permitting peaceful coexistence between old and new devices with divergent security features.

Tip: Using VLANs to compartmentalize WLAN traffic

Virtual LANs have long been used within enterprise networks to create logical workgroups, independent of physical location or LAN topology. This tip describes how to use these same VLAN capabilities, found in both wired and wireless devices, to tag and compartmentalize Wi-Fi traffic, supporting your company's security and traffic management policies.

Tip: The role of VPN in enterprise wireless

Early WLANs frequently re-used remote access VPN clients to overcome the limitations of WEP and related security concerns. But, given improvements in Wi-Fi security, do VPNs still have a role to play in enterprise wireless? What are the practical benefits and limitations of using a VPN over wireless? This tip discusses where to make best use of VPNs and how to smooth over conflicts between WLAN roaming and VPN tunnels.

Tip: The ins and outs of AP placement

Many installers make the mistake of treating WLANs just like Ethernet, placing APs in locations that facilitate outsider access to corporate networks. But, from a security perspective, WLANs should be treated like the Internet -- a network composed of trusted and untrusted users. This tip offers network topology and physical positioning recommendations for safer AP deployment.

Quiz: Lesson 2: From the ground up

Find out how much you learned in Lesson 2.

TAKE THE QUIZ