Wireless Security School

Wireless Lunchtime Learning Security School

There are many different types of enterprise wireless local area networks (WLANs). Some grow organically as business demands dictate, others are built from a rigid network design plan, and a few exist despite a strict policy against WLANs. But with any type of network, Wi-Fi poses risks to your network.

SearchSecurity.com's Wireless Lunchtime Learning Security School allows information security professionals to develop an in-depth understanding of those risks and their countermeasures in a format that's convenient for you.

Each lesson's featured video runs approximately 25-30 minutes, the perfect length to slip into a lunch break. And each video is supported by a series of short technical tips that help you to apply the principles of the video to your own network infrastructure. All of these resources are available on demand, so you can learn on your own schedule.

How much do you know about enterprise wireless LAN security? Test your knowledge of how to secure a wireless LAN before jumping into the Wireless Security School Lessons.

Table of contents:

How to counter wireless threats and vulnerabilities

Two out of three companies have deployed business-class 802.11 wireless LANs, but security continues to be their number one challenge. Without adequate safeguards, wireless can open corporate networks to new attacks, from war driving and password cracking to rogues and evil twins. In the featured webcast from Lesson 1 of SearchSecurity.com's Wireless Lunchtime Learning Security School, learn the business risks posed by wireless, essential countermeasures that can reduce those risks, and industry best practices for designing, deploying and monitoring secure wireless LANs.

Also included in Lesson 1 are the following technical tips:

  • An introduction to wireless security
  • List of wireless network attacks
  • A wireless network vulnerability assessment checklist
  • Hunting for rogue wireless devices

How to build a secure wireless infrastructure

Many WLANs grow organically, morphing from pilot projects into loose-knit production networks. But, like castles built of sand, these WLANs lack the firm foundation required to support a truly secure network. Today's Wi-Fi products implement many different security standards and features: WEP, WPA, WPA2, 802.1X, VPN, VLAN. The webcast in Lesson 2 of SearchSecurity.com's Wireless Lunchtime Learning Security School explains these alternatives to help enterprises choose Wi-Fi products that fit within a network architecture that has been designed with security in mind.

Also included in Lesson 2 are the following technical tips:

  • How to compartmentalize WiFi traffic with a VLAN
  • The role of VPN in an enterprise wireless network
  • Wireless AP placement basics

Implementing secure wireless access

Wireless encryption is essential, but addresses only part of the security problem. Security measures are also needed to permit or deny WLAN access, authenticate stations and users, and determine the destinations and applications that each is authorized to reach. This webcast from Lesson 3 of SearchSecurity.com's Wireless Lunchtime Learning Security School describes readily available alternatives, from MAC ACLs and captive portals to Preshared Secret Keys and 802.1X Port Access Control.

Also included in Lesson 3 are the following technical tips:

  • Security on a budget: How to control access to a WLAN
  • 802.1X Port Access Control: Which version is best for you?
  • How to configure VLANs with 802.1X for WLAN authorization
  • Defeating Evil Twin attacks

How to use wireless IPS

Wireless intrusion prevention systems have become standard operating procedure in corporate networks, including those without formal Wi-Fi deployment. From enforcing "no wireless" policies to blocking unauthorized sessions, these systems help companies see what's happening in their WLANs and provide tools to take corrective action. The webcast from Lesson 4 of SearchSecurity.com's Wireless Lunchtime Learning Security School describes the role of WIPS in WLAN security, the features commonly provided by WIPS, and how WIPS differ from (and complement) their wired network counterparts.

Also included in Lesson 4 are the following technical tips:

  • How to prevent wireless DoS attacks
  • Rogue AP containment methods
  • Wireless intrusion prevention systems: Overlay vs. embedded sensors
  • How to monitor WLAN performance with WIPS

Final Exam and Meet the Instructor

You've finished Wireless Security Lunchtime Learning, now take this 10-question, multiple-choice exam to see how much you've retained. Take the final exam now.

Lisa Phifer owns Core Competence Inc., a consulting firm specializing in business use of emerging Internet technologies. Lisa has been involved in the design, implementation and evaluation of internetworking, security and management products for 30 years.

At Core Competence, she has advised large and small companies regarding security needs, product assessment and the use of emerging technologies and best practices. She teaches about wireless LAN and mobile device administration and security, and has written extensively for numerous publications, including Information Security, SearchSecurity, SearchMobileComputing, TomsITPro, and Wi-Fi Planet. Phifer's insight columns and technical tips are published monthly by SearchNetworking and the AirWISE Community Security Center. She holds an MS, Computer Science from Villanova University, and a BS in Computer Science from West Chester University.

Read more content from Lisa Phifer.