- Define business requirements (assets and wireless access needs).
- Identify threats and quantify risks.
- Document your WLAN security policy.
- Disseminate policy to everyone.
- Conduct site survey, creating inventories and maps.
- Lay out access points (APs) and antennas to minimize signal leakage.
- Determine AP placement relative to existing firewalls.
- Pick approach to protect adjacent wired network.
- Define network topology and impact on routers, VLANs.
- Identify reuse of access control lists (ACLs), DHCP, user databases, desktop security software.
- Identify software and procedures to harden APs and stations.
- Identify interfaces for integrated WLAN management and monitoring.
- Determine need for WLAN-specific policy management tools.
- Pick access control method(s): MAC ACLs, 802.1X, SSL portal.
- Define access policies for authorized APs, stations, users, groups and guests.
- Issue and distribute authentication credentials to every station.
- Select encryption layer(s): 802.11, network, transport, application.
- Pick authentication method(s): none, shared key, EAP, VPN, SSL login.
- Identify software required on stations, APs and authentication servers.
- For link-layer crypto, apply WPA upgrades to APs.
- For network/transport crypto, choose tunneling protocol and cipher(s).
- Determine key distribution and refresh method.
Deployment and beyond
- Penetration test existing network to create security baseline.
- Stage WLAN, pen test and fix vulnerabilities.
- Pen test after deployment and fix until remaining risks are acceptable.
- Monitor WLAN for suspicious activity; track usage.
- Repeat discovery and vulnerability assessment at regular intervals.
- Determine need for and implement wireless intrusion detection.
- Do forever: Maintain security policy; plan for and implement updates.
MORE INFORMATION ON WIRELESS LANs:
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.